18 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain user...
Debian: Security Advisory (DLA-479-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0701-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-479-1 : xen security update
This security update fixes a number of security issues in Xen in wheezy. For Debian 7 'Wheezy', these problems have been fixed in version 4.1.6.1-1+deb7u1. We recommend that you upgrade your libidn packages. CVE-2015-2752 The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using...
DLA-479-1 xen - security update
Bulletin has no description...
SUSE: Security Advisory for xen (SUSE-SU-2015:0923-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201504-04
Gentoo Linux Local Security Checks GLSA 201504-04 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
openSUSE: Security Advisory for xen (openSUSE-SU-2015:1092-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for xen FEDORA-2015-11247
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for xen (important)
Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security bugs. The following vulnerabilities were fixed: CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests XSA-129...
Fedora Update for xen FEDORA-2015-9466
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)
The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0068 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:0923-1) (Venom)
XEN was updated to fix two security issues and bugs. Security issues fixed : - CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request. -...
OracleVM 3.3 : xen (OVMSA-2015-0057) (Venom)
The remote OracleVM system is missing necessary patches to address critical security updates : - fdc: force the fifo access to be in bounds of the allocated buffer During processing of certain commands such as FDCMDREADID and FDCMDDRIVESPECIFICATIONCOMMAND the fifo memory access could get out of...
Fedora Update for xen FEDORA-2015-6670
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : xen (openSUSE-2015-314)
Xen was updated to 4.3.4 to fix multiple vulnerabities and non-security bugs. The following vulnerabilities were fixed : - Long latency MMIO mapping operations are not preemptible XSA-125 CVE-2015-2752 bnc922705 - Unmediated PCI command register access in qemu XSA-126 CVE-2015-2756 bnc922706 -...
CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...
CVE-2015-2752
The CVE-2015-2752 issue affects Xen 3.2.x–4.5.x (PCI passthrough) where the XEN_DOMCTL_memory_mapping hypercall is not preemptible, enabling local x86 HVM users to cause host CPU exhaustion (DoS) via crafted device-model requests (qemu-dm). Public advisories in Debian (DLA-479-1) and Mageia (MGAS...