18 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen maintains the GTFread,writing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it ...
SUSE: Security Advisory (SUSE-SU-2017:2339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2327-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1132-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2017:2327-2)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE SLES12 Security Update : xen (SUSE-SU-2017:2541-1)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE SLES11 Security Update : xen (SUSE-SU-2017:2450-1)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...
SUSE-SU-2017:2450-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2326-1)
This update for xen to version 4.7.3 fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137:...
SUSE SLES11 Security Update : xen (SUSE-SU-2017:2339-1)
This update for xen fixes the following issues : - CVE-2017-12855: Premature clearing of GTFwriting / GTFreading lead to potentially leaking sensitive information XSA-230, bsc1052686. - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or...
SUSE-SU-2017:2339-1 Security update for xen
This update for xen fixes the following issues: - CVE-2017-12855: Premature clearing of GTFwriting / GTFreading lead to potentially leaking sensitive information XSA-230, bsc1052686. - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potential...
OracleVM 3.2 : xen (OVMSA-2017-0149)
The remote OracleVM system is missing necessary patches to address critical security updates : - From e26560a4b056dad6d85ffd9ebfad9565f210a9cc Mon Sep 17 00:00:00 2001 From: Jan Beulich Date: Wed, 30 May 2012 09:22:17 +0100 Subject: PATCH gnttab: don't use domain lock for serialization Instead us...
OracleVM 3.3 : xen (OVMSA-2017-0148)
The remote OracleVM system is missing necessary patches to address critical security updates : - From: Jan Beulich Subject: gnttab: correct pin status fixup for copy Regardless of copy operations only setting GNTPINhst, GNTPINdev also need to be taken into account when deciding whether to clear...
Fedora 26 : xen (2017-f336ba205d)
Qemu: serial: host memory leakage 16550A UART emulation CVE-2017-5579 1416162 Qemu: display: cirrus: OOB read access issue CVE-2017-7718 1443444 xen: various flaws 1481765 multiple problems with transitive grants XSA-226, CVE-2017-12135 x86: PV privilege escalation via mapgrantref XSA-227,...
Xen Hypervisor Multiple Vulnerabilities (XSA-226 - XSA-230)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches were applie...
Citrix XenServer Multiple Security Updates (CTX225941)
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2017-12855
CVE-2017-12855 affects Xen grant table handling: premature clearing of GTF_writing/GTF_reading bits can misinform a guest that a grant is no longer in use, potentially allowing reuse of a granted frame containing sensitive data while the other domain is still using it. Affected Xen versions inclu...