Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These updated packages fix the following security issues : - the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

Security fixes : - a missing capability check was found in the Linux kernel dochangetype routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. CVE-2008-2931, Important - a flaw was found in the Linux kernel Direct-IO implementation. This could...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Note: Troy Dawson has tested this update on a machine hosting both paravirtualized and fully virtualized machines, both 32 bit and 64 bit. He did the update while all the machines were running, none of them had any problems. He also tried stopping, starting, and rebooting several of the machines...

Scientific Linux Security Update : kvm on SL5.4 x86_64

CVE-2009-3722 KVM: Check cpl before emulating debug register access CVE-2010-0419 kvm: emulator privilege escalation segment selector check A flaw was found in the way the x86 emulator loaded segment selectors used for memory segmentation and protection into segment registers. In some guest syste...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These updated packages fix the following security issues : - a flaw in the hypervisor for hosts running on Itanium architectures allowed an Intel VTi domain to read arbitrary physical memory from other Intel VTi domains, which could make information available to unauthorized users. CVE-2007-6207,...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

Security fixes : - Kernel update 2.6.9-89.EL introduced a flaw in the ptrace implementation on Itanium systems. ptracecheckattach was not called during certain ptrace requests. Under certain circumstances, a local, unprivileged user could use this flaw to call ptrace on a process they do not own,...

Scientific Linux Security Update : kvm on SL5.x x86_64

A flaw was found in the way QEMU-KVM handled the reloading of fs and gs segment registers when they had invalid selectors. A privileged host user with access to '/dev/kvm' could use this flaw to crash the host denial of service. CVE-2010-3698 The following procedure must be performed before this...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - A flaw in the dccprcvstateprocess function could allow a remote attacker to cause a denial of service, even when the socket was already closed. CVE-2011-1093,...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A...

CentOS Update for kernel CESA-2011:1386 centos5 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:1386 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for xen CESA-2011:1401 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for kernel CESA-2012:0721 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for kernel CESA-2011:1065 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for kernel CESA-2012:0721 centos5

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2012:0721 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

CentOS Update for kernel CESA-2011:1479 centos5 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:1479 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for kernel CESA-2011:0833 centos5 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:0833 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-4.fc17

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

HVM guest user mode MMIO emulation DoS vulnerability

ISSUE DESCRIPTION Internal data of the emulator for MMIO operations may, under certain rare conditions, at the end of one emulation cycle be left in a state affecting a subsequent emulation such that this second emulation would fail, causing an exception to be reported to the guest kernel where...

CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released

The Vulnerability reported on 06/12/2012, dubbed as "CVE-2012-0217" - according to that Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation ...

CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...