[SECURITY] Fedora 30 Update: xen-4.11.3-2.fc30

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make...

Security Bulletin: IBM WebSphere Message Broker Hypervisor Edition V8.0 require customer action for security vulnerabilities in Red Hat Linux

Summary IBM WebSphere Message Broker Hypervisor Edition V8.0 ship with Red Hat Enterprise Linux RHEL Server 6.2 which is vulnerable to CVE-2019-14833 CVE-2019-14847, CVE-2019-10218 Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and...

CVE-2019-10142

A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse...

Xen VMentry Failure Denial Of Service vulnerability (XSA-308)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an denial of service vulnerability due to a mishandling of a certain case by VMX VMEntry. An unauthenticated remote attacker can exploit this issue, to cause a denial of service DOS. Note...

Xen 32-bit Arm Guest OS Denial Of Service vulnerability (XSA-307)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to a mishandling of a certain bit iteration in 32-bit Arm systems. An authenticated local attacker can exploit this issue, to cause a denial of servi...

Xen Project Restartable PV Type Change Operations Elevation of Privilege Vulnerability (XSA-310)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an elevation of privilege vulnerability due to race conditions in the pagetable promotion and demotion operations. An authenticated, remote attacker can exploit this issue, by triggering...

Oracle Linux 6 : kernel (ELSA-2019-4256)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4256 advisory. - virt KVM: coalescedmmio: add bounds checking Bandan Das 1746799 CVE-2019-14821 - virt KVM: MMIO: Lock coalesced device when checking for available entry Banda...

Security Bulletin: Vulnerability in Apache Commons affects IBM i (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM i. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...

[SECURITY] Fedora 31 Update: xen-4.12.1-8.fc31

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2019-19332

An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulti...

SUSE-SU-2019:3310-1 Security update for xen

This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. - CVE-2019-19583: Fixed...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3296-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

Fedora Update for xen FEDORA-2019-3d7105bd2a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2019:3296-1 Security update for xen

This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. - CVE-2019-19583: Fixed...

[SECURITY] Fedora 30 Update: xen-4.11.2-4.fc30

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Xen Denial of Service Vulnerability (CNVD-2020-07294)

Xen is an open source virtual machine monitor product. A denial of service vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from improper handling of certain bit iterations. An attacker could exploit this vulnerability to cause a denial of service...

CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...

DEBIAN-CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...