46 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing ...
RHEL 5 : kernel-xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa155 xen: paravirtualized drivers incautious about shared memory contents XSA-155 CVE-2015-8550 - xen:...
SUSE: Security Advisory (SUSE-SU-2016:0658-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0585-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0168-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-479-1 : xen security update
This security update fixes a number of security issues in Xen in wheezy. For Debian 7 'Wheezy', these problems have been fixed in version 4.1.6.1-1+deb7u1. We recommend that you upgrade your libidn packages. CVE-2015-2752 The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using...
SUSE-SU-2016:1102-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. Following feature was added to kernel-xen: - A improved XEN blkfront module was added, which allows more I/O bandwidth. FATE320200 It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode. Th...
CVE-2015-8550
CVE-2015-8550 is reported in Xen as a double-fetch vulnerability affecting systems using PV backends. The issue arises when memory is shared between the Xen frontend and backend, enabling local guest OS administrators to either crash the host OS (DoS) or gain privileges. The description consisten...
SUSE-SU-2016:0911-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Following feature was added to kernel-xen: - A improved XEN blkfront module was added, which allows more I/O bandwidth. FATE320200 It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode. The...
[SECURITY] [DSA 3519-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3519-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2016 https://www.debian.org/security/faq -...
SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1)
Xen was updated to fix the following vulnerabilities : CVE-2014-0222: Qcow1 L2 table size integer overflows bsc877642 CVE-2015-4037: Insecure temporary file use in /net/slirp.c bsc932267 CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463 CVE-2015-7504: Heap buffer...
Fedora 22 : xen-4.5.2-6.fc22 (2015-c44bd3e0fa)
paravirtualized drivers incautious about shared memory contents XSA-155, CVE-2015-8550 qemu-dm buffer overrun in MSI-X handling XSA-164, CVE-2015-8554 information leak in legacy x86 FPU/XMM initialization XSA-165, CVE-2015-8555 ioreq handling possibly susceptible to multiple read issue XSA-166 No...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0585-1)
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.53 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2013-7446: Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel allowed local users to bypass intended AFUNIX socket permissions...
Debian DSA-3471-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...
[SECURITY] [DSA 3471-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Ubuntu: Security Advisory (USN-2886-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : the Linux Kernel (openSUSE-2016-116)
The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed : - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges...
openSUSE Security Update : xen (openSUSE-2016-34)
This update for xen fixes the following security issues : - CVE-2015-8550: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: qemu: usb: infinite loop in ehciadvancestate results in DoS boo959006 - CVE-2015-7549: qemu pci: NULL pointer dereference...