SUSE CVE-2015-2152

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by 1 setting the DISPLAY environment variable, when compiled with SDL support,...

SUSE: Security Advisory (SUSE-SU-2015:0613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Xen (SUSE-SU-2015:0613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201504-04

Gentoo Linux Local Security Checks GLSA 201504-04 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

openSUSE: Security Advisory for xen (openSUSE-SU-2015:1092-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.2 : xen (OVMSA-2015-0096)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0096 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...

Fedora Update for xen FEDORA-2015-11247

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for xen (important)

Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security bugs. The following vulnerabilities were fixed: CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests XSA-129...

Fedora Update for xen FEDORA-2015-9466

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : Xen (SUSE-SU-2015:0613-1)

The XEN hypervisor received updates to fix various security issues and bugs. The following security issues were fixed : - CVE-2015-2151: XSA-123: A hypervisor memory corruption due to x86 emulator flaw. - CVE-2015-2045: XSA-122: Information leak through version information hypercall. -...

Fedora Update for xen FEDORA-2015-6670

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : xen (openSUSE-2015-314)

Xen was updated to 4.3.4 to fix multiple vulnerabities and non-security bugs. The following vulnerabilities were fixed : - Long latency MMIO mapping operations are not preemptible XSA-125 CVE-2015-2752 bnc922705 - Unmediated PCI command register access in qemu XSA-126 CVE-2015-2756 bnc922706 -...

Fedora 21 : xen-4.4.1-16.fc21 (2015-3944)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 enable building pngs from fig files which is working again, fix oxenstored.service preset...

Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)

HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version information hypercall Note that Tenable...

Fedora 22 : xen-4.5.0-6.fc22 (2015-3935)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version...

Fedora Update for xen FEDORA-2015-3721

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-2152

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by 1 setting the DISPLAY environment variable, when compiled with SDL support,...

CVE-2015-2152

CVE-2015-2152 affects Xen 4.5.x and earlier where VGA device emulation can expose the VGA console to local guest users via DISPLAY (with SDL) or VLC/VNC connections to ::1/127.0.0.1, even when disabled. Connected advisories (MGASA-2016-0098, OVMSA-2015-0095/0096, Fedora/OracleVM feeds) confirm th...