This bug was fixed in the package xen - 4.4.1-3ubuntu2
--------------- xen (4.4.1-3ubuntu2) vivid; urgency=low
* Applying Xen Security Advisories: - CVE-2014-8594 / XSA-109 * x86: don't allow page table updates on non-PV page tables in do_mmu_update() - CVE-2014-8595 / XSA-110 * x86emul: enforce privilege level restrictions when loading CS - CVE-2014-8866 / XSA-111 * x86: limit checks in hypercall_xlat_continuation() to actual arguments - CVE-2014-8867 / XSA-112 * x86/HVM: confine internally handled MMIO to solitary regions - CVE-2014-9030 / XSA-113 * x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE * Pulling in Debian change to start qemu in dom0 (LP: #1396068) * Picking up Debian change to recommend grub-xen-host from xen-utils. * Picking up Debian change to really include xen-init-name. -- Stefan Bader <email address hidden> Wed, 19 Nov 2014 13:47:12 +0100
This bug was fixed in the package xen - 4.4.1-3ubuntu2
---------------
xen (4.4.1-3ubuntu2) vivid; urgency=low
* Applying Xen Security Advisories:
do_mmu_ update( ) xlat_continuati on() to actual arguments
- CVE-2014-8594 / XSA-109
* x86: don't allow page table updates on non-PV page tables in
- CVE-2014-8595 / XSA-110
* x86emul: enforce privilege level restrictions when loading CS
- CVE-2014-8866 / XSA-111
* x86: limit checks in hypercall_
- CVE-2014-8867 / XSA-112
* x86/HVM: confine internally handled MMIO to solitary regions
- CVE-2014-9030 / XSA-113
* x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE
* Pulling in Debian change to start qemu in dom0 (LP: #1396068)
* Picking up Debian change to recommend grub-xen-host from xen-utils.
* Picking up Debian change to really include xen-init-name.
-- Stefan Bader <email address hidden> Wed, 19 Nov 2014 13:47:12 +0100