SUSE-SU-2015:1479-1 Security update for xen

xen was updated to fix the following security issues: CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model bsc939712, XSA-140 CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol bsc939709, XSA-139 CVE-2015-2751: Certain domctl operations could have be used to...

FreeBSD : xen-kernel -- Certain domctl operations may be abused to lock up the host (103a47d5-27e7-11e5-a4a5-002590263bf5)

The Xen Project reports : XSA-77 put the majority of the domctl operations on a list excepting them from having security advisories issued for them if any effects their use might have could hamper security. Subsequently some of them got declared disaggregation safe, but for a small subset this wa...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:0701-1)

Xen was updated 4.4.201 to address three security issues and functional bugs. The following vulnerabilities were fixed : - Long latency MMIO mapping operations are not preemptible XSA-125, CVE-2015-2752, bnc922705 - Unmediated PCI command register access in qemu XSA-126, CVE-2015-2756, bnc922706 ...

Fedora 22 : xen-4.5.0-7.fc22 (2015-5295)

Long latency MMIO mapping operations are not preemptible XSA-125, CVE-2015-2752 Unmediated PCI command register access in qemu XSA-126, CVE-2015-2756 Certain domctl operations may be abused to lock up the host XSA-127, CVE-2015-2751 Note that Tenable Network Security has extracted the preceding...

Fedora 20 : xen-4.3.4-2.fc20 (2015-5402)

Long latency MMIO mapping operations are not preemptible XSA-125, CVE-2015-2752 Unmediated PCI command register access in qemu XSA-126, CVE-2015-2756 Certain domctl operations may be abused to lock up the host XSA-127, CVE-2015-2751 update to xen-4.3.4 Note that Tenable Network Security has...

CVE-2015-2751

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...

CVE-2015-2751

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...

Certain domctl operations may be abused to lock up the host

ISSUE DESCRIPTION XSA-77 put the majority of the domctl operations on a list excepting them from having security advisories issued for them if any effects their use might have could hamper security. Subsequently some of them got declared disaggregation safe, but for a small subset this was not...

xen-kernel -- Certain domctl operations may be abused to lock up the host

The Xen Project reports: XSA-77 put the majority of the domctl operations on a list excepting them from having security advisories issued for them if any effects their use might have could hamper security. Subsequently some of them got declared disaggregation safe, but for a small subset this was...