OVMSA-2017-0116
- ULN >
- Oracle Linux Errata repository >
- OVMSA-2017-0116
OVMSA-2017-0116 - xen security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2017-06-29 |
Description
[4.4.4-115.0.12.el6]
- BUILDINFO: xen commit=74b662e79bc874fe8ad8a93d2891e6569c380004
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- gnttab: __gnttab_unmap_common_complete() is all-or-nothing (Jan Beulich) [Orabug: 26288614]
- gnttab: correct logic to get page references during map requests (George Dunlap) [Orabug: 26288614]
- gnttab: never create host mapping unless asked to (Jan Beulich) [Orabug: 26288614]
- gnttab: Fix handling of dev_bus_addr during unmap (George Dunlap) [Orabug: 26288614]
- x86/shadow: Hold references for the duration of emulated writes (Andrew Cooper) [Orabug: 26288568]
- x86/mm: disallow page stealing from HVM domains (Jan Beulich) [Orabug: 26288534]
- guest_physmap_remove_page() needs its return value checked (Jan Beulich) [Orabug: 26288602]
- xen/memory: Fix return value handing of guest_remove_page() (Andrew Cooper) [Orabug: 26288602]
- evtchn: avoid NULL derefs (Jan Beulich) [Orabug: 26288583]
- gnttab: correct maptrack table accesses (Jan Beulich) [Orabug: 26288557]
- gnttab: Avoid potential double-put of maptrack entry (George Dunlap) [Orabug: 26288557]
- gnttab: fix unmap pin accounting race (Jan Beulich) [Orabug: 26288557]
- IOMMU: handle IOMMU mapping and unmapping failures (Quan Xu) [Orabug: 26288557]
- xen/disk: don't leak stack data via response ring (Jan Beulich) [Orabug: 26198945]
[4.4.4-115.0.11.el6]
- BUILDINFO: xen commit=7b45c3eb48a884f56f072a97a9a8da4d0b1077ed
- BUILDINFO: QEMU upstream commit=44c5f0a55d9a73e592426c33ce5705c969681955
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- livepatch: Wrong usage of spinlock on debug console. (Konrad Rzeszutek Wilk) [Orabug: 26248311]
[4.4.4-115.0.10.el6]
- BUILDINFO: xen commit=40e21e7aea2b8bbc991346c3f516dfac4f94affe
- BUILDINFO: QEMU upstream commit=44c5f0a55d9a73e592426c33ce5705c969681955
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86/do_invalid_op() should use is_active_kernel_text() rather than having its (Konrad Rzeszutek Wilk) [Orabug: 26129273]
[4.4.4-115.0.9.el6]
- BUILDINFO: xen commit=0eadc919cf32139e5565e0d869ed09f35c0a3212
- BUILDINFO: QEMU upstream commit=44c5f0a55d9a73e592426c33ce5705c969681955
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- kexec: Add spinlock for the whole hypercall. (Konrad Rzeszutek Wilk) [Orabug: 25861742]
- kexec: clear kexec_image slot when unloading kexec image (Bhavesh Davda) [Orabug: 25861742]
[4.4.4-115.0.8.el6]
- BUILDINFO: xen commit=8b90d66cd941599d50ee80e14fd144e337814bf6
- BUILDINFO: QEMU upstream commit=44c5f0a55d9a73e592426c33ce5705c969681955
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86: correct create_bounce_frame (tagged with CVE number) (Boris Ostrovsky) [Orabug: 25927739] {CVE-2017-8905}
- x86: discard type information when stealing pages (tagged with CVE number) (Boris Ostrovsky) [Orabug: 25927669] {CVE-2017-8904}
- multicall: deal with early exit conditions (tagged with CVE number) (Boris Ostrovsky) [Orabug: 25927592] {CVE-2017-8903}
[4.4.4-115.0.7.el6]
- BUILDINFO: xen commit=583dedab5ceddbae4d0384de0ade8feeee75f78c
- BUILDINFO: QEMU upstream commit=fcd17fdf18b95a9e408acc84f6d2b37cf3fc0335
- BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- tools/libxc: Set max_elem to zero in xc_lockprof_query_number() (Boris Ostrovsky) [Orabug: 26020611]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle VM 3.4 (x86_64) | xen-4.4.4-115.0.12.el6.src.rpm | 2371f94a6759ca41df7d120651d162ac2481584cba009389169ffdf74749df2c | OVMBA-2024-0012 | ovm34_x86_64_latest |
| xen-4.4.4-115.0.12.el6.x86_64.rpm | b530c329a3254c53190564719452dc4e116be051d76b816addacbffbb11d83dd | OVMBA-2024-0012 | ovm34_x86_64_latest | |
| xen-tools-4.4.4-115.0.12.el6.x86_64.rpm | b2d8a4ff23021eb43f755bf272e04b3834a3d8be114ecdeac94a9e84be2746cd | OVMBA-2024-0012 | ovm34_x86_64_latest | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
