5613 matches found
Xen: Multiple vulnerabilities
Background: Xen is a bare-metal hypervisor. Description: Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers and Xen Security Advisory referenced below for details. Impact: A local attacker could potentially execute arbitrary code with privileges of Xen QEMU proce...
Xen Code Execution Vulnerability
Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...
[SECURITY] Fedora 24 Update: xen-4.6.5-6.fc24
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 25 Update: xen-4.7.2-6.fc25
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
RHEL 6 : qemu-kvm-rhev (RHSA-2017:1205)
An update for qemu-kvm-rhev is now available for RHEV 3.X Hypervisor and Agents for RHEL-6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 6 / 7 : rhev-hypervisor (RHSA-2017:1209)
An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for RHEL-6 and RHEV 3.X Hypervisor and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives ...
UBUNTU-CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
UBUNTU-CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
DEBIAN-CVE-2017-8905
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...
ALPINE-CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
Xen Hypervisor Multiple Vulnerabilities (XSA-213 - XSA-215)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the getuser function due to permissions for accessing MMIO ranges being checked only after accessing them. A...
Important: Red Hat Security Advisory: rhev-hypervisor bug fix and enhancement update for RHEV 3.6.11
An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for RHEL-6 and RHEV 3.X Hypervisor and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives ...
Xen 64bit PV Guest - pagetable use-after-type-change Breakout Vulnerability
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1231 This is a bug in Xen that permits an attacker with control over the kernel of a 64bit X86 PV guest to write arbitrary entries into a live top-level pagetable. To prevent PV...
[SECURITY] Fedora 26 Update: xen-4.8.1-2.fc26
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Xen 64bit PV Guest - pagetable use-after-type-change Breakout
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1231 This is a bug in Xen that permits an attacker with control over the kernel of a 64bit X86 PV guest to write arbitrary entries into a live top-level pagetable. To prevent PV guests from doing things like mapping live pagetables...
Error "cannot connect to the hypervisor at <ADDRESS> object reference not set to an instance of an object" when running the XDSW
When running the XenDesktop Setup Wizard, it can fail with the following error: "cannot connect to the hypervisor at object reference not set to an instance of an object" The string will contain the actual URL of the vCenter Server. This issue can appear when the DataCenter name on the VMWare sid...
PVS XDSW "Cannot connect to the Hypervisor, object reference not set as an Instance"
When running XDSW, customer encountered generic error "Cannot connect to the Hypervisor, object reference not set as an Instance" This error was encountered just at the stage when the expected screen would be template selection...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this...
openSUSE Security Update : xen (openSUSE-2017-492)
This update for xen to version 4.7.2 fixes the following issues : These security issues were fixed : - CVE-2017-7228: Broken check in memory_exchange() permitted PV guest breakout (bsc#1030442). - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain o...
Security update for xen (important)
This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange() permitted PV guest breakout (bsc#1030442). - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or...