26 matches found
CVE-2017-15589
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...
kernel security update
CentOS Errata and Security Advisory CESA-2015:0783 Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability
Windows Virtual PC is the latest Microsoft virtualization technology. A security bypass vulnerability exists in Microsoft Virtual PC Hypervisor Virtual Machine Monitor, which can be exploited by an attacker to bypass memory protection mechanisms and obtain sensitive information...
NIST Publishes Draft Hypervisor Security Guide
NIST has followed up a three-year-old virtualization security guide with recommendations for hypervisor security. A draft version of SP800-125a was released this week and a public comment period opened on Monday and ends Nov. 10. The guide targets enterprise security and IT management as well dat...
CVE-2014-7188
Technical details for CVE-2014-7188 are not publicly provided in the connected documents. No product/version/root-cause/impact is specified here. Monitor for updates in future disclosures.
CVE-2013-4355
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a 1 port or 2 memory mapped I/O write or 3 other unspecified operations related to addresses without associated memory...