22 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-pat...
RHEL 5 : xsa182_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa182 xen: x86: Privilege escalation in PV guests XSA-182 CVE-2016-6258 Note that Nessus has not tested for this...
Mageia: Security Advisory (MGASA-2017-0012)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2725-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2093-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : xen (SUSE-SU-2016:2528-1) (Bunker Buster)
This update for xen fixes several issues. These security issues were fixed : - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update bsc995792 - CVE-2016-7092: The getpagefroml3e...
SUSE SLES11 Security Update : xen (SUSE-SU-2016:2507-1) (Bunker Buster)
This update for xen fixes several issues. These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 - CVE-2016-7093: Xe...
openSUSE Security Update : xen (openSUSE-2016-1170) (Bunker Buster)
This update for xen fixes the following issues : These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 -...
Fedora 23 : xen (2016-0049aa6e5d) (Bunker Buster)
x86: Privilege escalation in PV guests XSA-182, CVE-2016-6258 x86: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183, CVE-2016-6259 virtio: unbounded memory allocation issue XSA-184, CVE-2016-5403 Qemu: scsi: esp: OOB write access in espdodma CVE-2016-6351 Note that Tenable...
Fedora Update for xen FEDORA-2016-0049aa6e5d
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : xen (2016-01cc766201) (Bunker Buster)
x86: Privilege escalation in PV guests XSA-182, CVE-2016-6258 x86: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183, CVE-2016-6259 virtio: unbounded memory allocation issue XSA-184, CVE-2016-5403 Qemu: scsi: esp: OOB write access in espdodma CVE-2016-6351 Note that Tenable...
CVE-2016-6258
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries...
CVE-2016-6258
CVE-2016-6258 affects Xen 4.7.x and earlier, where PV pagetable code in arch/x86/mm.c allows local 32-bit PV guest OS administrators to gain host OS privileges by abusing pagetable fast-path updates. The issue is documented across multiple advisories and vendor/SUSE patches (e.g., Xen/XSA-182 upd...
FreeBSD : xen-kernel -- x86: Privilege escalation in PV guests (032aa524-5854-11e6-b334-002590263bf5) (Bunker Buster)
The Xen Project reports : The PV pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases e.g. clearing only Access/Dirty bits. The bits considered safe were too broad, and not actually safe. A malicious PV guest administrat...
The XEN virtual machine monitor appears“deadly”vulnerabilities-vulnerability warning-the black bar safety net
! XEN has always been known for high performance, less resource-intensive, win IBM, AMD, HP, Red Hat and Novell, and many other world-class hardware and software manufacturers of high recognition and strong support of many domestic and foreign enterprises and users to use XEN to build a...
[SECURITY] [DLA 571-1] xen security update
Package : xen Version : 4.1.6.lts1-1 CVE ID : CVE-2014-3672 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4480 CVE-2016-6258 Debian Bug : Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifi...
Debian DSA-3633-1 : xen - security update (Bunker Buster)
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations. - CVE-2016-448...
OracleVM 3.4 : xen (OVMSA-2016-0088) (Bunker Buster)
The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: commit=aff08b43b1a504aa14a0fce65302ccf515b69fdf - Remove unsafe bits from the modl?entry fastpath Andrew Cooper CVE-2016-6258 - x86/mm: fully honor PS bits in guest page table walks Jan...