An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xen-hypervisor-4.6-armhf": "4.9.2-0ubuntu1", "libxenstore3.0": "4.9.2-0ubuntu1", "xenstore-utils-dbgsym": "4.9.2-0ubuntu1", "libxenstore3.0-dbgsym": "4.9.2-0ubuntu1", "xen-hypervisor-4.8-amd64": "4.9.2-0ubuntu1", "xen-hypervisor-4.9-amd64": "4.9.2-0ubuntu1", "xen-hypervisor-4.8-armhf": "4.9.2-0ubuntu1", "xen-utils-4.9-dbgsym": "4.9.2-0ubuntu1", "xen-hypervisor-4.7-arm64": "4.9.2-0ubuntu1", "libxen-dev": "4.9.2-0ubuntu1", "xen-hypervisor-4.9-armhf": "4.9.2-0ubuntu1", "xen-utils-4.9": "4.9.2-0ubuntu1", "libxen-4.9": "4.9.2-0ubuntu1", "libxen-4.9-dbgsym": "4.9.2-0ubuntu1", "xenstore-utils": "4.9.2-0ubuntu1", "xen-hypervisor-4.9-arm64": "4.9.2-0ubuntu1", "xen-system-amd64": "4.9.2-0ubuntu1", "xen-system-armhf": "4.9.2-0ubuntu1", "xen-hypervisor-4.6-arm64": "4.9.2-0ubuntu1", "xen-utils-common": "4.9.2-0ubuntu1", "xen-hypervisor-4.6-amd64": "4.9.2-0ubuntu1", "xen-hypervisor-4.7-amd64": "4.9.2-0ubuntu1", "xen-hypervisor-4.8-arm64": "4.9.2-0ubuntu1", "xen-hypervisor-4.7-armhf": "4.9.2-0ubuntu1", "xen-system-arm64": "4.9.2-0ubuntu1" } ] }