Debian Security Advisory

DLA-964-1 xen -- LTS security update

Date Reported:
01 Jun 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2016-9932, CVE-2017-7995, CVE-2017-8903, CVE-2017-8904, CVE-2017-8905.
More information:

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2016-9932 (XSA-200)

    CMPXCHG8B emulation allows local HVM guest OS users to obtain sensitive information from host stack memory.

  • CVE-2017-7995

    Description Xen checks access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads.

  • CVE-2017-8903 (XSA-213)

    Xen mishandles page tables after an IRET hypercall which can lead to arbitrary code execution on the host OS. The vulnerability is only exposed to 64-bit PV guests.

  • CVE-2017-8904 (XSA-214)

    Xen mishandles the contains segment descriptors property during GNTTABOP_transfer. This might allow PV guest OS users to execute arbitrary code on the host OS.

  • CVE-2017-8905 (XSA-215)

    Xen mishandles a failsafe callback which might allow PV guest OS users to execute arbitrary code on the host OS.

For Debian 7 Wheezy, these problems have been fixed in version 4.1.6.lts1-8.

We recommend that you upgrade your xen packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: