CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

CVE-2012-2625

CVE-2012-2625 affects the PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, and in Xen 4.2.x and 4.1.x. It allows local para-virtualized guest users to cause a denial of service by triggering memory consumption when loading a kernel image that is large and compressed (either...

Security Update for Xen (important)

Security Update for Xen Following bug and security fixes were applied: - bnc776995 - attaching scsi control luns with pvscsi - xend/pvscsi: fix passing of SCSI control LUNs xen-bug776995-pvscsi-no-devname.patch - xend/pvscsi: fix usage of persistant device names for SCSI devices...

Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20120731)

The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Scientific Linux. A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest a DomU could use...

RedHat Update for xen RHSA-2012:1130-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for xen CESA-2012:1130 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for xen CESA-2012:1130 centos5

Check for the Version of xen OpenVAS Vulnerability Test CentOS Update for xen CESA-2012:1130 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Detail : Joris van Rantwijk found a flaw in the Pygrub utility which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully crafted grub.conf file which would trigger the execution of arbitrary code outside of that domain...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

CVE-2009-3525 Xen: PyGrub missing support for password configuration command The pyGrub boot loader did not honor the 'password' option in the grub.conf file for para-virtualized guests. Users with access to a guest's console could use this flaw to bypass intended access restrictions and boot the...

xen security update

CentOS Errata and Security Advisory CESA-2012:1130 Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Moderate: Red Hat Security Advisory: xen security update

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

xen: pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

Fedora 16 : xen-4.1.2-8.fc16 (2012-9399)

make pygrub cope better with big files from guest 818412 CVE-2012-2625, 64-bit PV guest privilege escalation vulnerability CVE-2012-0217, guest denial of service on syscall/sysenter exception generation CVE-2012-0218, PV guest host Denial of Service CVE-2012-2934 Note that Tenable Network Securit...

Fedora 15 : xen-4.1.2-8.fc15 (2012-9430)

make pygrub cope better with big files from guest 818412 CVE-2012-2625, 64-bit PV guest privilege escalation vulnerability CVE-2012-0217, guest denial of service on syscall/sysenter exception generation CVE-2012-0218, PV guest host Denial of Service CVE-2012-2934 Note that Tenable Network Securit...

CentOS Update for xen CESA-2009:1472 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for xen CESA-2009:1472 centos5 i386

Check for the Version of xen OpenVAS Vulnerability Test CentOS Update for xen CESA-2009:1472 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

paravirtualised kernel image validation

ISSUE DESCRIPTION 1. Problems ----------- The functions which interpret the kernel image supplied for a paravirtualised guest, and decompress it into memory when booting the domain, are incautious. Specifically: i Integer overflow in the decompression loop memory allocator might result in...

SuSE 11 Security Update : Xen (SAT Patch Number 2230)

Collective Xen/201004 Update, containing fixes for the following issues : - pygrub, reiserfs: Fix on-disk structure definition bnc537370 - Xen on SLES 11 does not boot - endless loop in ATA detection bnc561912 - xend leaks memory bnc564750 - Keyboard Caps Lock key works abnormal under SLES11 xen...

SuSE 11 Security Update : Xen (SAT Patch Number 2230)

Collective Xen/201004 Update, containing fixes for the following issues : - pygrub, reiserfs: Fix on-disk structure definition bnc537370 - Xen on SLES 11 does not boot - endless loop in ATA detection bnc561912 - xend leaks memory bnc564750 - Keyboard Caps Lock key works abnormal under SLES11 xen...