[SECURITY] Fedora 27 Update: xen-4.9.2-7.fc27

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 28 Update: xen-4.10.1-6.fc28

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

SUSE SLES11 Security Update : xen (SUSE-SU-2018:2528-1) (Foreshadow) (Meltdown) (Spectre)

This update for xen fixes the following issues: These security issue were fixed : - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local...

Xen Project MSR_DEBUGCTL 'Branch Trace Store' DoS (XSA-269)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches we...

Xen Project Oxenstored Quota-maxentity DoS (XSA-272)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches we...

Xen Project ARM Grant Table v2 DoS (XSA-268)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches we...

Ring 0 Army Knife: r0ak

r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Motivation The Windows kernel is a rich environment in which hundreds of...

SUSE-SU-2018:2482-1 Security update for xen

This update for xen fixes the following issues: This security issue was fixed: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local use...

RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:2404)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2404 advisory. The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualizati...

DEBIAN-CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

Design/Logic Flaw

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

DEBIAN-CVE-2018-15468

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the...

UBUNTU-CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

UBUNTU-CVE-2018-15468

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the...

ALPINE-CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

Speculation Attack Against Intel's SGX

Another speculative-execution attack against Intel's SGX. At a high level, SGX is a new feature in modern Intel CPUs which allows computers to protect users' data even if the entire system falls under the attacker's control. While it was previously believed that SGX is resilient to speculative...

L1 Terminal Fault Side Channel Vulnerabilities - Lenovo Support US

No description provided...

PT-2018-3388 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11.x Linux kernel versions prior to 4.18.1 Description: The issue is related to the xenvif set hash mapping function in the Xen hypervisor, which is connected to an integer overflow when handling requests to the netbac...

MGASA-2018-0340 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.62 and fixes at least the following security issues: kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled...

MGASA-2018-0341 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.62 and fixes at least the following security issues: kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled...