This bug was fixed in the package xen - 4.7.2-0ubuntu1 --------------- xen (4.7.2-0ubuntu1) yakkety; urgency=medium
* Rebasing to upstream stable release 4.7.2 (LP: #1672767) https://www.xenproject.org/downloads/xen-archives/xen-47-series.html - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel hosts which support the TSC_ADJUST MSR (LP: #1671760) - Dropping: d/p/preup-tools-fix-linear-p2m-save.patch which is part of the stable update. - Additional security relevant changes: * XSA-207 - memory leak when destroying guest without PT devices - Replacing the following security fixes with the versions from the stable update: * CVE-2016-6258 / XSA-182 - x86: Privilege escalation in PV guests * CVE-2016-6259 / XSA-183 - x86: Missing SMAP whitelisting in 32-bit exception / event delivery * CVE-2016-7092 / XSA-185 - x86: Disallow L3 recursive pagetable for 32-bit PV guests * CVE-2016-7093 / XSA-186 - x86: Mishandling of instruction pointer truncation during emulation * CVE-2016-7094 / XSA-187 - x86 HVM: Overflow of sh_ctxt->seg_reg[] * CVE-2016-7777 / XSA-190 - CR0.TS and CR0.EM not always honored for x86 HVM guests * CVE-2016-9386 / XSA-191 - x86 null segments not always treated as unusable * CVE-2016-9382 / XSA-192 - x86 task switch to VM86 mode mis-handled * CVE-2016-9385 / XSA-193 - x86 segment base write emulation lacking canonical address checks * CVE-2016-9384 / XSA-194 - guest 32-bit ELF symbol table load leaking host data * CVE-2016-9383 / XSA-195 - x86 64-bit bit test instruction emulation broken * CVE-2016-9377, CVE-2016-9378 / XSA-196 - x86 software interrupt injection mis-handled * CVE-2016-9379, CVE-2016-9380 / XSA-198 - delimiter injection vulnerabilities in pygrub * CVE-2016-9932 / XSA-200 - x86 CMPXCHG8B emulation fails to ignore operand size override * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201 - ARM guests may induce host asynchronous abort * CVE-2016-10024 / XSA-202 - x86 PV guests may be able to mask interrupts * CVE-2016-10025 / XSA-203 - x86: missing NULL pointer check in VMFUNC emulation * CVE-2016-10013 / XSA-204 - x86: Mishandling of SYSCALL singlestep during emulation * Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670). -- Stefan Bader <stefan.ba...@canonical.com> Tue, 14 Mar 2017 15:45:59 +0100 ** Changed in: xen (Ubuntu Yakkety) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-10013 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-10024 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-10025 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-6258 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-6259 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-7092 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-7093 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-7094 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-7777 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9377 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9378 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9379 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9380 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9382 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9383 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9384 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9385 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9386 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9815 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9816 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9817 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9818 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9932 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1672767 Title: Xen stable update to 4.7.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xen/+bug/1672767/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs