libspice: Insufficient guest provided memory mappings boundaries validations

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor aka RHEV-H or rhev-hypervisor before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings...

Important: Red Hat Security Advisory: rhev-hypervisor security, bug fix, and enhancement update

An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

CentOS 5 : kernel (CESA-2010:0398)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes two security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2010-0730

The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows guest OS users to cause a denial of service 32-bit guest OS crash via vectors that trigger an unspecified instruction emulation...

Information disclosure

The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows guest OS users to cause a denial of service 32-bit guest OS crash via vectors that trigger an unspecified instruction emulation...

CVE-2010-0730

The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows guest OS users to cause a denial of service 32-bit guest OS crash via vectors that trigger an unspecified instruction emulation...

CVE-2010-0730

CVE-2010-0730 is a vulnerability in the MMIO instruction decoder of the Xen hypervisor within the Linux kernel 2.6.18 used by RHEL5. The flaw allows an unprivileged guest OS user to trigger an instruction emulation path and cause a denial-of-service (32-bit guest crash). The issue is documented a...

RHEL 5 : kernel (RHSA-2010:0398)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

RHEL 4 : kernel (RHSA-2010:0394)

Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

RedHat Update for kernel RHSA-2010:0398-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2010:0398-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

kernel security and bug fix update

2.6.18-194.3.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug 69930...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

Research Software Secures Hypervisor Behavior

Researchers from North Carolina State University have developed new techniques and software that may be the key to resolving cloud computing and virtualization security concerns and boosting confidence in the sector. Read the full article. ScienceDaily...

Researchers Get Funding for New Secure Operating System

Researchers at the University of Illinois at Chicago have received a $1.15 million grant from the National Science Foundation to build a new computer operating system based on virtual machines and the concept of isolation. The new OS project, called Ethos, is the brainchild of UIC associate...

CVE-2010-1225

The CVE-2010-1225 issue affects Microsoft Virtual PC 2007 Gold/SP1, Virtual Server 2005 Gold/R2 SP1, and Windows Virtual PC. The root cause is a memory-management flaw where the VMM work-area memory is not properly protected from guest access, allowing context-dependent attackers to bypass some g...

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes multiple security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CentOS 5 : kernel (CESA-2010:0147)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803...