1 |
type: security |
2 |
subject: Updated xen package fixes security issues |
3 |
CVE: |
4 |
- CVE-2013-2076 |
5 |
- CVE-2013-2077 |
6 |
- CVE-2013-2078 |
7 |
- CVE-2013-2194 |
8 |
- CVE-2013-2195 |
9 |
- CVE-2013-2196 |
10 |
- CVE-2013-2072 |
11 |
- CVE-2013-2211 |
12 |
- CVE-2013-1432 |
13 |
src: |
14 |
3: |
15 |
core: |
16 |
- xen-4.2.1-16.2.mga3 |
17 |
description: | |
18 |
This update fixes the following security issues: |
19 |
XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs |
20 |
XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR |
21 |
XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV |
22 |
XSA-55/CVE-2013-2194: integer overflows |
23 |
XSA-55/CVE-2013-2195: pointer dereferences |
24 |
XSA-55/CVE-2013-2196: other problems |
25 |
XSA-56/CVE-2013-2072: Buffer overflow in xencontrol Python bindings affecting xend |
26 |
XSA-57/CVE-2013-2211: libxl allows guest write access to sensitive console related xenstore keys |
27 |
XSA-58/CVE-2013-1432: Page reference counting error due to XSA-45/CVE-2013-1918 fixes |
28 |
references: |
29 |
- https://bugs.mageia.org/show_bug.cgi?id=10586 |
30 |
ID: MGASA-2013-0197 |