MiracleLinux 3 : xen-3.0.3-41.7AXS3 (AXSA:2008-256:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-256:01 advisory. This package contains the Xen tools and management daemons needed to run virtual machines on x86, x8664, and ia64 systems. Information on how to use...

CVE-2021-47377

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47377

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47377

Removed by vendor...

CVE-2021-47377

This CVE ID has been rejected by its CVE Numbering Authority and is not an active vulnerability entry.

PT-2024-11374 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to Xen ballooning. The issue involved the use of a workqueue instead of a kernel thread. Recommendations: At the moment,...

Updates to Citrix VM Tools for Linux - For Citrix Hypervisor 8.2 CU 1

Who Should Read This Article? This information is for customers using Citrix Hypervisor 8.2 Cumulative Update 1 who have the Citrix VM Tools for Linux installed on their Linux VMs. The following table lists the latest version of the Citrix VM Tools for Linux for Citrix Hypervisor 8.2 Cumulative...

UBUNTU-CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

qemu-kvm security, bug fix, and enhancement update

1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...

CVE-2017-14317

A domain cleanup issue was discovered in the C xenstore daemon aka cxenstored in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it including domain...

CVE-2017-14317

A domain cleanup issue was discovered in the C xenstore daemon aka cxenstored in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it including domain...

Xen Denial of Service Vulnerability (CNVD-2015-07245)

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability exists in the 'libxlbuildpost' function in the tools/libxl/libxldom.c file and in the 'libxlsetmemory target' functions, due to a security flaw in the...

DEBIAN-CVE-2015-7972

The 1 libxlsetmemorytarget function in tools/libxl/libxl.c and 2 libxlbuildpost function in tools/libxl/libxldom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand PoD system, which allows local HVM guest users to cause a denial of service...

CVE-2015-7972

The 1 libxlsetmemorytarget function in tools/libxl/libxl.c and 2 libxlbuildpost function in tools/libxl/libxldom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand PoD system, which allows local HVM guest users to cause a denial of service...

x86: populate-on-demand balloon size inaccuracy can crash guests

ISSUE DESCRIPTION The design of the memory populate-on-demand PoD system requires that a guest's memory ballooning driver reach its memory reduction target. The target is not entirely well-defined in terms of the information visible to the appropriate parts of the system, so some unknown set of...

[SECURITY] Fedora 17 Update: mom-0.3.0-1.fc17

MOM is a policy-driven tool that can be used to manage overcommitment on KVM hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At a regular collection interval, data is gathered about the host and guests. Data can come from multiple sources eg. the /proc interface, libvi...

[SECURITY] Fedora 18 Update: mom-0.3.0-1.fc18

MOM is a policy-driven tool that can be used to manage overcommitment on KVM hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At a regular collection interval, data is gathered about the host and guests. Data can come from multiple sources eg. the /proc interface, libvi...