Package : xen Version : 4.1.6.lts1-5 CVE ID : CVE-2016-10013 CVE-2016-10024
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-10013 (xsa-204) Xen mishandles SYSCALL singlestep during emulation which can lead to privilege escalation. The vulnerability is only exposed to 64-bit x86 HVM guests. CVE-2016-10024 (xsa-202) PV guests may be able to mask interrupts causing a Denial of Service. For Debian 7 "Wheezy", these problems have been fixed in version 4.1.6.lts1-5. We recommend that you upgrade your xen packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
signature.asc
Description: PGP signature