11. September 2012
Das Xen-Sicherheitsteam hat acht Sicherheitshinweise zum Xen-Hypervisor veröffentlicht. AWS-Kunden sind von diesen Problemen nicht betroffen. Informationen zu den Sicherheitshinweisen finden Sie hier:
Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html
Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html
Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html
Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html
Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html
Xen Security Advisory 17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html
Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00004.html
Xen Security Advisory 19 (CVE-2012-4411) - guest administrator can access qemu monitor console
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html