DEBIAN-CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

UBUNTU-CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

CVE-2014-8867

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O MMIO emulated in the hypervisor, which allows local HVM guests to cause a denial of service host crash via unspecified vectors...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

Design/Logic Flaw

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O MMIO emulated in the hypervisor, which allows local HVM guests to cause a denial of service host crash via unspecified vectors...

CVE-2014-8866

Technical details about CVE-2014-8866 are not publicly provided in the supplied documents. Please monitor for updates from vendors and security advisories.

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor

ISSUE DESCRIPTION Acceleration support for the "REP MOVS" instruction, when the first iteration accesses memory mapped I/O emulated internally in the hypervisor, incorrectly assumes that the whole range accessed is handled by the same hypervisor sub-component. IMPACT A buggy or malicious HVM gues...

OracleVM 2.2 : xen (OVMSA-2014-0011)

The remote OracleVM system is missing necessary patches to address critical security updates : - page-alloc: scrub pages used by hypervisor upon freeing XSA-100 Jan Beulich 18970618 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM...

OracleVM 3.1 : xen (OVMSA-2013-0043)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/xsave: properly check guest input to XSETBV Other than the HVM emulation path, the PV case so far failed to check that YMM state requires SSE state to be enabled, allowing for a GP to occur upon...

OracleVM 2.1 : kernel (OVMSA-2009-0014)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1192 The 1 agpgenericallocpage and 2 agpgenericallocpages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later...

DEBIAN-CVE-2014-9030

The dommuupdate function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMUMACHPHYSUPDATE...

RHEL 5 : rhev-hypervisor (RHSA-2011:0439)

An updated rhev-hypervisor package that fixes one security issue and one bug is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 5 : rhev-hypervisor (RHSA-2011:1408)

An updated rhev-hypervisor package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

RHEL 5 : rhev-hypervisor (RHSA-2010:0622)

Updated rhev-hypervisor packages that fix multiple security issues and two bugs are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)

An updated rhev-hypervisor5 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RHEL 5 : rhev-hypervisor (RHSA-2011:1090)

An updated rhev-hypervisor package that fixes one security issue and several bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 5 : rhev-hypervisor (RHSA-2010:0476)

An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...