9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.023 Low
EPSS
Percentile
88.1%
The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.
A flaw was found in the way QEMU emulated the e1000 network interface card
when the host was configured to accept jumbo network frames, and a
fully-virtualized guest using the e1000 emulated driver was not. A remote
attacker could use this flaw to crash the guest or, potentially, execute
arbitrary code with root privileges in the guest. (CVE-2012-6075)
All users of xen are advised to upgrade to these updated packages, which
correct this issue. After installing the updated packages, all running
fully-virtualized guests must be restarted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ia64 | xen-devel | < 3.0.3-142.el5_9.2 | xen-devel-3.0.3-142.el5_9.2.ia64.rpm |
RedHat | 5 | x86_64 | xen | < 3.0.3-142.el5_9.2 | xen-3.0.3-142.el5_9.2.x86_64.rpm |
RedHat | 5 | i386 | xen | < 3.0.3-142.el5_9.2 | xen-3.0.3-142.el5_9.2.i386.rpm |
RedHat | 5 | x86_64 | xen-debuginfo | < 3.0.3-142.el5_9.2 | xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm |
RedHat | 5 | src | xen | < 3.0.3-142.el5_9.2 | xen-3.0.3-142.el5_9.2.src.rpm |
RedHat | 5 | ia64 | xen | < 3.0.3-142.el5_9.2 | xen-3.0.3-142.el5_9.2.ia64.rpm |
RedHat | 5 | ia64 | xen-libs | < 3.0.3-142.el5_9.2 | xen-libs-3.0.3-142.el5_9.2.ia64.rpm |
RedHat | 5 | i386 | xen-devel | < 3.0.3-142.el5_9.2 | xen-devel-3.0.3-142.el5_9.2.i386.rpm |
RedHat | 5 | i386 | xen-debuginfo | < 3.0.3-142.el5_9.2 | xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm |
RedHat | 5 | ia64 | xen-debuginfo | < 3.0.3-142.el5_9.2 | xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm |