19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to mapgrantref. CVE-2017-12137 Note that Nessus relies on the...
SUSE: Security Advisory (SUSE-SU-2017:2339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2327-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1132-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2017:2327-2)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE SLES12 Security Update : xen (SUSE-SU-2017:2541-1)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE SLES11 Security Update : xen (SUSE-SU-2017:2450-1)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE-SU-2017:2450-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2326-1)
This update for xen to version 4.7.3 fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137:...
SUSE SLES11 Security Update : xen (SUSE-SU-2017:2339-1)
This update for xen fixes the following issues : - CVE-2017-12855: Premature clearing of GTFwriting / GTFreading lead to potentially leaking sensitive information XSA-230, bsc1052686. - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or...
SUSE-SU-2017:2339-1 Security update for xen
This update for xen fixes the following issues: - CVE-2017-12855: Premature clearing of GTFwriting / GTFreading lead to potentially leaking sensitive information XSA-230, bsc1052686. - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potential...
OracleVM 3.3 : xen (OVMSA-2017-0148)
The remote OracleVM system is missing necessary patches to address critical security updates : - From: Jan Beulich Subject: gnttab: correct pin status fixup for copy Regardless of copy operations only setting GNTPINhst, GNTPINdev also need to be taken into account when deciding whether to clear...
SUSE-SU-2017:2319-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
CVE-2017-12137
CVE-2017-12137 affects Xen hypervisor, with a local privilege escalation via map_grant_ref in arch/x86/mm.c that could let a local PV guest OS user gain host privileges. The linked documents confirm Xen is the vulnerable component and identify the underlying issue as a map_grant_ref related flaw....
Fedora 26 : xen (2017-f336ba205d)
Qemu: serial: host memory leakage 16550A UART emulation CVE-2017-5579 1416162 Qemu: display: cirrus: OOB read access issue CVE-2017-7718 1443444 xen: various flaws 1481765 multiple problems with transitive grants XSA-226, CVE-2017-12135 x86: PV privilege escalation via mapgrantref XSA-227,...
Xen Hypervisor Multiple Vulnerabilities (XSA-226 - XSA-230)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches were applie...
Citrix XenServer Multiple Security Updates (CTX225941)
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2017-12137
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to mapgrantref...