Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "libxen-4.4", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxen-4.4-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxen-dev", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxen-ocaml", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxen-ocaml-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxen-ocaml-dev", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxenstore3.0", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "libxenstore3.0-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.1-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.3-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.3-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.4-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.4-arm64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-hypervisor-4.4-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-system-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-system-arm64", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-system-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-utils-4.4", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-utils-4.4-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xen-utils-common", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xenstore-utils", "binary_version": "4.4.2-0ubuntu0.14.04.12" }, { "binary_name": "xenstore-utils-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.12" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "libxen-4.6", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "libxen-4.6-dbgsym", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "libxen-dev", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "libxenstore3.0", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "libxenstore3.0-dbgsym", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.4-amd64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.4-arm64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.4-armhf", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.5-amd64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.5-arm64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.5-armhf", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.6-amd64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.6-arm64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-hypervisor-4.6-armhf", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-system-amd64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-system-arm64", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-system-armhf", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-utils-4.6", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-utils-4.6-dbgsym", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xen-utils-common", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xenstore-utils", "binary_version": "4.6.5-0ubuntu1.2" }, { "binary_name": "xenstore-utils-dbgsym", "binary_version": "4.6.5-0ubuntu1.2" } ] }