Improper MSR range used for x2APIC emulation

ISSUE DESCRIPTION The MSR range specified for APIC use in the x2APIC access model spans 256 MSRs. Hypervisor code emulating read and write accesses to these MSRs erroneously covered 1024 MSRs. While the write emulation path is written such that accesses to the extra MSRs would not have any bad...

Debian Security Advisory DSA 3041-1 (xen - security update)

Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. OpenVAS Vulnerability Test $Id: deb3041.nasl 6692 2017-07-12 09:57:43Z teissa $ Auto-generated from advisory DSA 3041-1 using...

[SECURITY] Fedora 21 Update: xen-4.4.1-4.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.1-2.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

virt-who: plaintext hypervisor passwords in world-readable /etc/sysconfig/virt-who configuration file

It was discovered that the /etc/sysconfig/virt-who configuration file, which may contain hypervisor authentication credentials, was world-readable. A local user could use this flaw to obtain authentication credentials from this file...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes three security issues and one bug is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

[SECURITY] Fedora 19 Update: xen-4.2.4-7.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 20 Update: xen-4.3.2-7.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE...

CentOS Update for kernel CESA-2014:0926 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel security update

CentOS Errata and Security Advisory CESA-2014:0926 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring Syst...

CentOS 5 : kernel (CESA-2014:0926)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140723)

A NULL pointer dereference flaw was found in the rdsiwladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system. CVE-2014-2678, Moderate - It was found that the Xen hypervisor implementation did...

RHEL 5 : kernel (RHSA-2014:0926)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

xen: Hypervisor heap contents leaked to guests (xsa-100)

It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

[SECURITY] Fedora 20 Update: openstack-nova-2013.2.3-2.fc20

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

CVE-2014-4022

The allocdomainstruct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOPsetuptable...

Fedora 20 : xen-4.3.2-6.fc20 (2014-7722)

Hypervisor heap contents leaked to guest, with extra patch to avoid regression Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

[SECURITY] Fedora 19 Update: xen-4.2.4-6.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...