Xen Patches VM Escape Vulnerability

The Xen Project, which oversees the open source Xen hypervisor, yesterday patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system. The flaw is so bad that the developers of the Qubes OS Project, a security-heavy operati...

arm: various unimplemented hypercalls log without rate limiting

ISSUE DESCRIPTION The HYPERVISORphysdevop hypercall and most suboperations of the HYPERVISORhvmop hypercall are not currently implemented by Xen on ARM and when called will log the use to the hypervisor console. However these guest accessible log messages are not rate-limited. IMPACT A malicious...

[SECURITY] Fedora 22 Update: xen-4.5.1-13.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.3-6.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20151022)

A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance denial of service or potentially execute arbitrary code on the host...

PT-2015-2758 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2.6 Xen versions 4.3.x through 4.6.x Description: The issue is related to errors in resource management within the KVM subsystem of the Linux kernel and the Xen hypervisor. It allows a local attacker to cause ...

How to Use IIS to Acquire SSL Certificates for XenServer or Citrix Hypervisor

This article describes how to create a certificate in IIS and transfer it to a XenServer or Citrix Hypervisor server. This article applies to Citrix Hypervisor 8.1 or earlier...

SUSE: Security Advisory for xen (SUSE-SU-2015:0022-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Xen (SUSE-SU-2015:0613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Xen (SUSE-SU-2014:0446-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: xen-4.4.3-5.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 23 Update: xen-4.5.1-13.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

spice security update

CentOS Errata and Security Advisory CESA-2015:1889 An updated spice-server package that fixes two security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: spice security update

Updated spice packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

Oracle: Security Advisory (ELSA-2009-1670)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

This Secure Operating System Can Protect You Even if You Get Hacked

Hackers, Government Agencies and sophisticated malware, are collecting every piece of Digital data that we transmit through our Computers, Smartphones or Internet-enabled Gadgets. No matter how secure you think you might be, something malicious can always happen. Because, "With the right tools an...

Oracle: Security Advisory (ELSA-2010-0704)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0147)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0839)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0046)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...