You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa xen

Sigurnosni nedostaci programskog paketa xen

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4812-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 15, 2020 https://www.debian.org/security/faq
– ————————————————————————-

Package : xen
CVE ID : CVE-2020-29479 CVE-2020-29480 CVE-2020-29481 CVE-2020-29482
CVE-2020-29483 CVE-2020-29484 CVE-2020-29485 CVE-2020-29486
CVE-2020-29566 CVE-2020-29570 CVE-2020-29571

Multiple vulnerabilities have been discovered in the Xen hypervisor:

Several security issues affecting Xenstore could result in cross
domain access (denial of service, information leaks or privilege
escalation) or denial of service against xenstored.

Additional vulnerabilities could result in guest-to-host denial of
service.

For the stable distribution (buster), these problems have been fixed in
version 4.11.4+57-g41a822c392-2.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/YsNMACgkQEMKTtsN8
TjZ4GQ/9FwAo+5dic/sX/qgLUXC/6i4hGKzPj9d8LwMXpbzr4azqFbNEoGQpAdyq
SJUIbA+dtBnVCl83g1WLPwW5x6zmsyqNwfn2KM2lqB4tm/7z2B+nrfoWOIGjV3W5
VB1ZUw8Qk/ObPQL7tGYQuUyhwRwVN3Ymdm0s73Qck3OGCRAgarG3GNveAiKqFqCg
a51dPkfoHxozfEWs0MhxtPKpZDRctwv1ROUIuRqX49GAqkIto0JOzpgEFlW/mJ6Y
qipbM6t+Bv1ir78XyrZGTc/H4jQcaWpbnrQ3EWdQ/rbv8+wQTAgxkIAY33lWi5Rb
V3NnCJ4rasC3o0HMu4ImvYPS4wX0dTc76cO66s4jbs1Vj4pE/cZlGJ81T2HBu4Vq
Xsr7lQraRtjOmFkErW/ZK+YpWPzVL5wxkfwlpNRbVoIhtOdUCHDV+ZfzIGSBlgb+
xaYwoR5GjIyRHjyYX6cMxLCCilUCsqyQzMU0ovpt3wLV0ClCicH/VKgxM/DamEVy
VVOgpQ03YD12P1editGuZ1cli57ESO9k9mQeG7o2r8HspYOIsT+/cD7rMcw1quPc
ASY+6E6fJTZGJseisQXyqb6VuK/86DVjzFEjL6k8yb3bV/K3CVEf1Y/Kv3Ibrdp1
PVzK0ueYxV7Eoov5jYP1kSMswU7rcJd4aDgpHB8AwgeMjN7WFoE=
=Reu8
—–END PGP SIGNATURE—–

Autor161.53.13.146
Cert idNCERT-REF-2020-12-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libxstream java

Otkriven je sigurnosni nedostatak programske biblioteke libxstream java za operacijski sustav Debian. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...

Close