Debian Security Advisory

DLA-1181-1 xen -- LTS security update

Date Reported:
20 Nov 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2017-15588, CVE-2017-15589, CVE-2017-15592, CVE-2017-15593, CVE-2017-15595.
More information:

Multiple vulnerabilities have been discovered in the Xen hypervisor:

  • CVE-2017-15588

    Jann Horn discovered a race condition that can cause a stale TLB entry which might result in privilege escalation, denial of service or information leak.

  • CVE-2017-15589

    Roger Pau Monné discovered a hypervisor stack leak in the x86 I/O intercept code, resulting in information leaks.

  • CVE-2017-15592

    Andrew Cooper discovered that incorrect handling of self-linear shadow mappings for translated guests might result in denial of service or privilege escalation.

  • CVE-2017-15593

    Jan Beulich discovered that page type reference counts are mishandled which may result in denial of service.

  • CVE-2017-15595

    Jann Horn discovered that crafted page-table stacking might result in denial of service, privilege escalation or information leaks.

For Debian 7 Wheezy, these problems have been fixed in version 4.1.6.lts1-10.

We recommend that you upgrade your xen packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: