Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes security issues and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization RHEV Hypervisor ISO disk...

Oracle VirtualBox Detection (Linux/Unix SSH Login)

Detection of installed versions of Sun/Oracle VirtualBox, a hypervisor tool, on Linux systems. The script logs in via ssh, searches for executables of VirtualBox and queries the found executables via command line option SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be...

Researchers Create Hypervisor Tool for Rootkits

Research between North Carolina State and Microsoft has garnered a way to better isolate and centralize kernels–up to 6,000 different kernel hooks–and has stopped nine rootkits. The tool is called HookSafe and runs on Ubuntu Linux 8.04 and uses hardware-based memory. At issue is whether other...

kernel security and bug fix update

2.6.18-164.6.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug 69930...

kernel security and bug fix update

2.6.9-89.0.15.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...

Xen 3.x - pygrub Local Authentication Bypass

Xen 3.x - pygrub Local Authentication Bypass source: https://www.securityfocus.com/bid/36523/info Xen is prone to a local authentication-bypass vulnerability. A local attacker with physical access to an affected host can exploit this issue to bypass authentication and modify the 'grub.conf' file...

kernel security and bug fix update

2.6.9-89.0.7.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...

kernel security and bug fix update

2.6.18-128.4.1.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...

RedHat Security Advisory RHSA-2009:1132

The remote host is missing updates to the Linux kernel announced in advisory RHSA-2009:1132. These updated packages fix the following security issues: a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across...

RedHat Security Advisory RHSA-2009:1132

The remote host is missing updates to the Linux kernel announced in advisory RHSA-2009:1132. These updated packages fix the following security issues: a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across...

kernel security and bug fix update

2.6.9-89.0.3.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...

RHEL 4 : kernel (RHSA-2009:1132)

Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel: xen: local denial of service

The hypervisorcallback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service kernel oops of the guest OS by triggering a segmentation fault in "certain address ranges."...

RHEL 5 : kernel (RHSA-2009:1106)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1106 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: several flaws were found in the way th...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

kernel: xen: local denial of service

The hypervisorcallback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service kernel oops of the guest OS by triggering a segmentation fault in "certain address ranges."...

CVE-2009-1758

The hypervisorcallback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service kernel oops of the guest OS by triggering a segmentation fault in "certain address ranges."...

RHEL 5 : kernel (RHSA-2009:0473)

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Virtualization security debate rages on

From SearchSecurity.com Robert Westervelt The debate around cloud security is quickly beginning to mirror the one that has followed virtualization security for the last few years. What begins as a philosophical discussion usually devolves into arguments about technology or vendor roles. In a pane...

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)

It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10...