369 matches found
broken AMD FPU FIP/FDP/FOP leak workaround
ISSUE DESCRIPTION There is a workaround in Xen to deal with the fact that AMD CPUs don't load the x86 registers FIP and possibly FCS, FDP and possibly FDS, and FOP from memory via XRSTOR or FXRSTOR when there is no pending unmasked exception. See XSA-52. However, this workaround does not cover al...
Fedora 23 : xen-4.5.2-6.fc23 (2015-d8253e2b1d)
paravirtualized drivers incautious about shared memory contents XSA-155, CVE-2015-8550 qemu-dm buffer overrun in MSI-X handling XSA-164, CVE-2015-8554 information leak in legacy x86 FPU/XMM initialization XSA-165, CVE-2015-8555 ioreq handling possibly susceptible to multiple read issue XSA-166 No...
openSUSE Security Update : xen (openSUSE-2016-35)
This update for xen fixes the following security issues : - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop i...
openSUSE Security Update : xen (openSUSE-2016-36)
This update for xen fixes the following issues : - CVE-2015-8567,CVE-2015-8568: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
information leak in legacy x86 FPU/XMM initialization
ISSUE DESCRIPTION When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. IMPACT A malicious domain may be able to leverage...
xen-kernel -- information leak in legacy x86 FPU/XMM initialization
The Xen Project reports: When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. A malicious domain may be able to leverage...
Oracle: Security Advisory (ELSA-2013-1166)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Internet Bug Bounty: Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player
Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player This vulnerability CVE-2015-3100 was reported to Adobe on March 10, 2015 and has been patched today via APSB15-11 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html. Following is the original...
CentOS Update for kernel CESA-2015:1042 centos5
Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882189";...
RedHat Update for kernel RHSA-2015:1042-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 5 : kernel (CESA-2015:1042)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
RHEL 5 : kernel (RHSA-2015:1042)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
kernel security and bug fix update
kernel 2.6.18-404.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
Unbreakable Enterprise kernel security update
2.6.39-400.248.3 - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 - Revert 'mm: Fix NULL pointer dereference in madviseMADVWILLNEED support' Guangyu Sun Orabug: 20673281 CVE-2014-8173 2.6.39-400.248.2 -...
kernel security and bug fix update
kernel 2.6.18-402.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.246.2 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425333 CVE-2014-7841 2.6.39-400.246.1 - sched: Fix possible divide by zero in avgatom calculation Mateusz Guzik Orabug: 20148169 - include/linux/math64.h: add div64ul Alex...
kernel security update
kernel 2.6.18-400.1.1.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
kernel security and bug fix update
kernel 2.6.18-400.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
kernel security and bug fix update
kernel 2.6.18-371.12.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...