5604 matches found
MGASA-2013-0197 Updated xen package fixes security issues
This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...
[SECURITY] Fedora 19 Update: xen-4.2.2-7.fc19
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
CentOS 5 : kernel (CESA-2011:0833)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Page reference counting error due to XSA-45/CVE-2013-1918 fixes
ISSUE DESCRIPTION The XSA-45/CVE-2013-1918 patch making error handling paths preemptible broke page reference counting by not retaining a reference on pages stored for deferred cleanup. This would lead to the hypervisor prematurely attempting to free the page, generally crashing upon finding the...
[SECURITY] Fedora 17 Update: xen-4.1.5-6.fc17
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 18 Update: xen-4.2.2-7.fc18
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Fedora Update for xen FEDORA-2013-10929
Check for the Version of xen OpenVAS Vulnerability Test Fedora Update for xen FEDORA-2013-10929 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for xen FEDORA-2013-10941
Check for the Version of xen OpenVAS Vulnerability Test Fedora Update for xen FEDORA-2013-10941 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for xen FEDORA-2013-10247
Check for the Version of xen OpenVAS Vulnerability Test Fedora Update for xen FEDORA-2013-10247 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for xen FEDORA-2013-10136
Check for the Version of xen OpenVAS Vulnerability Test Fedora Update for xen FEDORA-2013-10136 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 18 Update: xen-4.2.2-6.fc18
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 19 Update: xen-4.2.2-6.fc19
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes two security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: rhev 3.2 - vdsm security and bug fix update
Updated vdsm packages that fix one security issue and various bugs are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the C...
[SECURITY] [DSA 2666-1] xen security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2666-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 12, 2013 http://www.debian.org/security/faq -...
Hypervisor crash due to missing exception recovery on XSETBV
ISSUE DESCRIPTION Processors do certain validity checks on the register values passed to XSETBV. For the PV emulation path for that instruction the hypervisor code didn't check for certain invalid bit combinations, thus exposing itself to a fault occurring when invoking that instruction on behalf...
Hypervisor crash due to missing exception recovery on XRSTOR
ISSUE DESCRIPTION Processors do certain validity checks on the data passed to XRSTOR. While the hypervisor controls the placement of that memory block, it doesn't restrict the contents in any way. Thus the hypervisor exposes itself to a fault occurring on XRSTOR. Other than for FXRSTOR, which...
guest denial of service on syscall/sysenter exception generation
ISSUE DESCRIPTION When guest user code running inside a Xen guest operating system attempts to execute a syscall or sysenter instruction, but when the guest operating system has not registered a handler for that instruction, a General Protection Fault may need to be injected into the guest. It ha...
64-bit PV guest privilege escalation vulnerability
ISSUE DESCRIPTION Rafal Wojtczuk has discovered a vulnerability which can allow a 64-bit PV guest kernel running on a 64-bit hypervisor to escalate privileges to that of the host by arranging for a system call to return via sysret to a non-canonical RIP. Intel CPUs deliver the resulting exception...
Cisco Nexus 1000V ESXi Hypervisor Denial of Service Vulnerability
A vulnerability in the Cisco Nexus 1000V Virtual Ethernet Module VEM kernel driver for VMware ESXi could allow an unauthenticated, remote attacker to cause the ESXi hypervisor to crash, resulting in a purple screen of death PSOD. The vulnerability is due to insufficient validation of STUN protoco...