Mandrake Security Advisory MDVSA-2009:016 (xen)

The remote host is missing an update to xen announced via advisory MDVSA-2009:016.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
Ian Jackson found a security issue in the QEMU block device drivers backend that could allow a guest operating system to issue a block device request and read or write arbitrary memory locations, which could then lead to privilege escalation (CVE-2008-0928). It was found that Xen allowed unprivileged DomU domains to overwrite xenstore values which should only be changeable by the privileged Dom0 domain. An attacker able to control a DomU domain could possibly use this flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into accessing the text console of a different domain running on the same host. This update makes certain parts of xenstore tree read-only to unprivilged DomU domains (CVE-2008-4405). A vulnerability in the qemu-dm.debug script was found in how it created a temporary file in /tmp. A local attacker in Dom0 could potentially use this flaw to overwrite arbitrary files via a symlink attack (CVE-2008-4993). Since this script is not used in production, it has been removed from this update package. The updated packages have been patched to prevent these issues. Affected: Corporate 4.0