Xen: Multiple vulnerabilities

Xen: Multiple vulnerabilities Multiple vulnerabilities have been found in Xen, the worst of which could lead to the execution of arbitrary code on the host system. xen 2016-12-31 2017-01-03 600382 600662 601248 601250 601986 603420 local 4.7.1-r4 4.7.1-r4 4.7.1-r4 4.7.1-r4 4.7.1-r1 4.7.1-r1

Xen is a bare-metal hypervisor.

Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.

A local attacker could possibly execute arbitrary code with the privileges of the process, could gain privileges on the host system, cause a Denial of Service condition, or obtain sensitive information.

There is no known workaround at this time.

All Xen users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.7.1-r4"

All Xen Tools users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=app-emulation/xen-tools-4.7.1-r4"

All Xen PvGrub users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=app-emulation/xen-pvgrub-4.7.1-r1"

CVE-2016-10024 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818 CVE-2016-9932 b-man b-man