GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Mon Jul 12, 2021 5:26 am Post subject: [ GLSA 202107-30 ] Xen |
 |
|
Gentoo Linux Security Advisory
Title: Xen: Multiple vulnerabilities (GLSA 202107-30)
Severity: high
Exploitable: local, remote
Date: 2021-07-12
Bug(s): #760144, #766474, #783456, #795054
ID: 202107-30
Synopsis
Multiple vulnerabilities have been found in Xen, the worst of which
could result in privilege escalation.
Background
Xen is a bare-metal hypervisor.
Affected Packages
Package: app-emulation/xen
Vulnerable: < 4.15.0-r1
Unaffected: >= 4.14.2-r1
Unaffected: >= 4.15.0-r1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Xen. Please review the
CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen 4.14.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.14.2-r1"
|
All Xen 4.15.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.15.0-r1"
|
References
CVE-2020-29479
CVE-2020-29486
CVE-2020-29487
CVE-2020-29566
CVE-2020-29567
CVE-2020-29568
CVE-2020-29569
CVE-2020-29570
CVE-2020-29571
CVE-2021-0089
CVE-2021-26313
CVE-2021-28687
CVE-2021-28690
CVE-2021-28691
CVE-2021-28692
CVE-2021-28693
CVE-2021-3308
Last edited by GLSA on Sat Jan 22, 2022 4:56 am; edited 2 times in total |
|
News & Announcements
