DEBIAN-CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

CVE-2018-10982

CVE-2018-10982 affects the Xen hypervisor (through 4.10.x) where x86 HVM guests can cause a denial of service or potentially gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode (vHPET interrupt injection). Affected component: Xen hypervisor (x86 HVM path) ...

SUSE-SU-2018:1203-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE-SU-2018:1202-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE SLES11 Security Update : xen (SUSE-SU-2018:1181-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE-SU-2018:1184-1 Security update for xen

This update for xen to version 4.9.2 fixes several issues. This feature was added: - Added script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU. They are triggered via 'xl vcpu-set domU N' These security issues were fixed: - CVE-2018-8897: Prevent mishandlin...

SUSE-SU-2018:1181-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE-SU-2018:1177-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4096)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4096 advisory. - x86/kernel/traps.c: fix tracedienotifier return value Kris Van Hees CVE-2018-8897 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski...

CVE-2018-1087

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

Xen CDROM Image Handling Local File Disclosure Vulnerability (XSA-258)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a local file disclosure vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patche...

Xen arch/x86/x86_64/entry.S Exception Handling Guest-to-host DoS (XSA-259)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches we...

Xen Denial of Service Vulnerability (CNVD-2018-10142)

Xen is an open source virtual machine monitor product developed by the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

[SECURITY] Fedora 27 Update: xen-4.9.2-2.fc27

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2018-10471

An OOB write issue was found in the way Xen hypervisor handled error in the Page Table Isolation PTI implementation, used to fix the Meltdown issue. It could occur while processing interrupt 'INT 0x80', when PV guest's vCPU has no handler for it. A malicious guest user/process could use this flaw...

[SECURITY] Fedora 28 Update: xen-4.10.0-9.fc28

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2018-10471

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service out-of-bounds zero write and hypervisor crash via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754...

DEBIAN-CVE-2018-10472

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...