CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

CVE-2013-4355

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a 1 port or 2 memory mapped I/O write or 3 other unspecified operations related to addresses without associated memory...

CVE-2013-4361

CVE-2013-4361 affects the Xen hypervisor: the fbld instruction emulation in Xen 3.3.x–4.3.x uses the wrong variable for the source effective address, enabling local HVM guests to read hypervisor stack data. This is a information-leak risk (partial confidentiality) with low overall CVSS in public ...

CVE-2013-4355

CVE-2013-4355 is a Xen hypervisor vulnerability. Connected sources indicate that Xen 4.3.x and earlier mishandles certain errors, allowing local HVM guests to obtain hypervisor stack memory via (1) a port, (2) a memory-mapped I/O write, or (3) other unspecified operations related to addresses wit...

CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack

Overview L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack, resulting in information leakage. allowing a local attacker to derive the contents of memory not belonging to the attacker. Description Common L3 CPU shared cache architecture is susceptible to a...

Information leaks through I/O instruction emulation

ISSUE DESCRIPTION Insufficient or missing error handling in certain routines dealing with guest memory reads can lead to uninitialized data on the hypervisor stack potentially containing sensitive data from prior work the hypervisor performed being copied to guest visible storage. This allows a...

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Guest domains could possibly gain privileges, execute arbitrary code, or cause a Denial of Service on the host domain...

Information leak on AVX and/or LWP capable CPUs

ISSUE DESCRIPTION When a guest increases the set of extended state components for a vCPU saved/ restored via XSAVE/XRSTOR to date this can only be the upper halves of YMM registers, or AMD's LWP state after already having touched other extended registers restored via XRSTOR e.g. floating point or...

Fedora Update for xen FEDORA-2013-16357

Check for the Version of xen OpenVAS Vulnerability Test Fedora Update for xen FEDORA-2013-16357 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

[SECURITY] Fedora 19 Update: xen-4.2.3-1.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 18 Update: xen-4.2.3-1.fc18

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25 and 28 are not fixed by this update and should be fixed i...

Amazon Linux AMI : kernel (ALAS-2012-55)

A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially crafted disk. CVE-2011-4077 ,...

DEBIAN-CVE-2013-2077

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service unhandled exception and hypervisor crash via unspecified vectors...

CVE-2013-2077

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service unhandled exception and hypervisor crash via unspecified vectors...

CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

CVE-2013-2077

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service unhandled exception and hypervisor crash via unspecified vectors...

DEBIAN-CVE-2013-1432

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service premature page free and hypervisor crash or possibly gain privileges via unspecified vectors...