Package name
xen
Date
2007-11-01
Advisory ID
MDKSA-2007:203
Affected versions
2007.0 x86_64, 2007.1 i586, 2007.0 i586, CS4.0 i586, CS4.0 x86_64, 2007.1 x86_64

Problem description

Tavis Ormandy discovered a heap overflow flaw during video-to-video
copy operations in the Cirrus VGA extension code that is used in Xen.
A malicious local administrator of a guest domain could potentially
trigger this flaw and execute arbitrary code outside of the domain
(CVE-2007-1320).

Tavis Ormandy also discovered insufficient input validation leading to
a heap overflow in the NE2000 network driver in Xen. If the driver
is in use, a malicious local administrator of a guest domain could
potentially trigger this flaw and execute arbitrary code outside of
the domain (CVE-2007-1321, CVE-2007-5729, CVE-2007-5730).

Steve Kemp found that xen-utils used insecure temporary files within
the xenmon tool that could allow local users to truncate arbitrary
files (CVE-2007-3919).
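Added illustration of the flaw class named for xenmon above (an insecure temporary file) with the hardened form beside it; this is example code written for this page, not xenmon's code, and the file name, the report contents and a POSIX host are assumptions:

```python
import os
import stat
import tempfile

# Constructed example of the insecure temporary file pattern behind
# CVE-2007-3919. NOT the xenmon code: the file name below is an assumption,
# chosen only to be fixed and therefore guessable by any local user.
PREDICTABLE_PATH = os.path.join(tempfile.gettempdir(), "xenmon-report.tmp")


def write_report_insecure(data: bytes, path: str = PREDICTABLE_PATH) -> str:
    """Vulnerable pattern: open(..., "wb") is O_CREAT|O_TRUNC without O_EXCL
    and follows symlinks, so whatever already sits at the fixed name decides
    which file is actually truncated. Kept here as the 'before' form."""
    with open(path, "wb") as f:
        f.write(data)
    return path


def write_report_secure(data: bytes, directory=None) -> str:
    """Hardened pattern: mkstemp() picks an unpredictable name and creates it
    with O_CREAT|O_EXCL and mode 0600, so a pre-existing file or link at that
    name makes the create fail instead of being silently followed."""
    fd, path = tempfile.mkstemp(prefix="xenmon-", suffix=".tmp", dir=directory)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def is_private_regular_file(path: str) -> bool:
    """Audit check for a temporary file: a regular file (not a symlink or a
    device), owned by the current user, with no group/other permission bits.
    lstat() is used so a link is inspected rather than followed."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        return False
    if st.st_uid != os.getuid():
        return False
    return (st.st_mode & 0o077) == 0


if __name__ == "__main__":
    p = write_report_secure(b"constructed xenmon report\n")
    print(p, is_private_regular_file(p))
```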

Joris van Rantwijk discovered a flaw in Pygrub, which is used as a
boot loader for guest domains. A malicious local administrator of
a guest domain could create a carefully-crafted grub.conf file which
could trigger the execution of arbitrary code outside of that domain
(CVE-2007-4993).

Updated packages have been patched to prevent these issues.

Updated packages

2007.0 x86_64

 f35d3563e67a0a887c439657b2e29afb  2007.0/x86_64/xen-3.0.3-0.20060703.3.1mdv2007.0.x86_64.rpm 
 c939b93cb67251235a9c8f2824609702  2007.0/SRPMS/xen-3.0.3-0.20060703.3.1mdv2007.0.src.rpm

2007.1 i586

 183ef09d8ed8171adc894cbb606f922f  2007.1/i586/xen-3.0.3-0.20060703.5.1mdv2007.1.i586.rpm 
 f4a0bfc9c6d5ae01664c8a906580b873  2007.1/SRPMS/xen-3.0.3-0.20060703.5.1mdv2007.1.src.rpm

2007.0 i586

 70b7495f9eb6597b8dcff92a6a698a28  2007.0/i586/xen-3.0.3-0.20060703.3.1mdv2007.0.i586.rpm 
 c939b93cb67251235a9c8f2824609702  2007.0/SRPMS/xen-3.0.3-0.20060703.3.1mdv2007.0.src.rpm

CS4.0 i586

 ec6876abb87e57d61257f3b3c6659c22  corporate/4.0/i586/xen-3.0.1-3.1.20060mlcs4.i586.rpm 
 72a302b77a88766cc43276e431dabf79  corporate/4.0/SRPMS/xen-3.0.1-3.1.20060mlcs4.src.rpm

CS4.0 x86_64

 894c37bcf10d4ec8973ed11a5613aeb5  corporate/4.0/x86_64/xen-3.0.1-3.1.20060mlcs4.x86_64.rpm 
 72a302b77a88766cc43276e431dabf79  corporate/4.0/SRPMS/xen-3.0.1-3.1.20060mlcs4.src.rpm

2007.1 x86_64

 c05336d0eef357b2b2c191286c4d679e  2007.1/x86_64/xen-3.0.3-0.20060703.5.1mdv2007.1.x86_64.rpm 
 f4a0bfc9c6d5ae01664c8a906580b873  2007.1/SRPMS/xen-3.0.3-0.20060703.5.1mdv2007.1.src.rpm

References