OVMSA-2016-0102

ULN >
Oracle Linux Errata repository >
OVMSA-2016-0102

OVMSA-2016-0102 - xen security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2016-09-08

Description

[4.4.4-75.0.2.el6]
- BUILDINFO: commit=a83239e012959a65503ebb44ee9c54620a9d78f5
- evtchn-fifo: prevent use after free (Boris Ostrovsky) {CVE-2016-7154}
- x86/segment: Bounds check accesses to emulation ctxt->seg_reg[] (Andrew Cooper) {CVE-2016-7094}
- x86/shadow: Avoid overflowing sh_ctxt->seg_reg[] (Andrew Cooper) {CVE-2016-7094}
- x86/32on64: don't allow recursive page tables from L3 (Jan Beulich) {CVE-2016-7092}

Related CVEs

CVE-2016-7092

CVE-2016-7094

CVE-2016-7154

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle VM 3.4 (x86_64)	xen-4.4.4-75.0.2.el6.src.rpm	34f175cc12c1823e9d8ef03424cc692c	OVMSA-2021-0014
	xen-4.4.4-75.0.2.el6.x86_64.rpm	901ab71cfcbb46e5f6c8e2795196c91f	OVMSA-2021-0014
	xen-tools-4.4.4-75.0.2.el6.x86_64.rpm	3081e114e713e5b7a370cbb311eb68c9	OVMSA-2021-0014

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691