19 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a...
SUSE: Security Advisory (SUSE-SU-2015:2306-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0658-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2326-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2328-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-479-1 : xen security update
This security update fixes a number of security issues in Xen in wheezy. For Debian 7 'Wheezy', these problems have been fixed in version 4.1.6.1-1+deb7u1. We recommend that you upgrade your libidn packages. CVE-2015-2752 The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using...
[SECURITY] [DSA 3519-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3519-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2016 https://www.debian.org/security/faq -...
SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1)
Xen was updated to fix the following vulnerabilities : CVE-2014-0222: Qcow1 L2 table size integer overflows bsc877642 CVE-2015-4037: Insecure temporary file use in /net/slirp.c bsc932267 CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463 CVE-2015-7504: Heap buffer...
Fedora 23 : xen-4.5.2-5.fc23 (2015-12a089920e)
eepro100: Prevent two endless loops CVE-2015-8345, pcnet: fix rx buffer overflow CVE-2015-7512, ui: vnc: avoid floating point exception CVE-2015-8504, additional patch for XSA-158, CVE-2015-8338 long running memory operations on ARM XSA-158, CVE-2015-8338 XENMEMexchange error handling issues...
OracleVM 3.2 : xen (OVMSA-2016-0008)
The remote OracleVM system is missing necessary patches to address critical security updates : - VT-d: fix TLB flushing in dmapteclearone From: Jan Beulich The TLB flush code was wrong since xen-4.1.3-25.el5.127.20 commit: vtd-Refactor-iotlb-flush-code.patch, both ovm-3.2.9 and ovm-3.2.10 were...
openSUSE Security Update : xen (openSUSE-2016-34)
This update for xen fixes the following security issues : - CVE-2015-8550: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: qemu: usb: infinite loop in ehciadvancestate results in DoS boo959006 - CVE-2015-7549: qemu pci: NULL pointer dereference...
openSUSE: Security Advisory for xen (openSUSE-SU-2016:0124-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for xen (important)
This update for xen fixes the following issues: - CVE-2015-8567,CVE-2015-8568: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
Security update for xen (important)
This update for xen fixes the following security issues: - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
FreeBSD : xen-kernel -- XENMEM_exchange error handling issues (bcad3faa-b40c-11e5-9728-002590263bf5)
The Xen Project reports : Error handling in the operation may involve handing back pages to the domain. This operation may fail when in parallel the domain gets torn down. So far this failure unconditionally resulted in the host being brought down due to an internal error being assumed. This is...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2338-1)
This update fixes the following security issues : - bsc955399 - Fix xm migrate --logprogress. Due to logic error progress was not logged when requested. - bsc956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list - bsc956592 - xen: virtual PMU is...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2326-1)
This update fixes the following security issues : - bsc956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list - bsc956592 - xen: virtual PMU is unsupported XSA-163 - bsc956408 - CVE-2015-8339, CVE-2015-8340: xen: XENMEMexchange error handling issues XSA-1...
CVE-2015-8340
CVE-2015-8340 affects Xen 3.2.x through 4.6.x. The memory_exchange function in common/memory.c does not properly release locks, which can allow guest OS administrators to cause a denial of service (host crash or deadlock) via XENMEM_exchange error handling. Public advisories (Debian DSA-3519, Deb...
Citrix XenServer Security Update for CVE-2015-8339 & CVE-2015-8340 (CTX203451)
A security vulnerability has been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the XenServer host. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...