5613 matches found
CVE-2016-8733
An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a kernel panic and...
FreeBSD : xen-kernel -- x86 CMPXCHG8B emulation fails to ignore operand size override (80a897a2-c1a6-11e6-ae1b-002590263bf5)
The Xen Project reports : The x86 instruction CMPXCHG8B is supposed to ignore legacy operand size overrides; it only honors the REX.W override making it CMPXCHG16B. So, the operand size is always 8 or 16. When support for CMPXCHG16B emulation was added to the instruction emulator, this restrictio...
x86 CMPXCHG8B emulation fails to ignore operand size override
ISSUE DESCRIPTION The x86 instruction CMPXCHG8B is supposed to ignore legacy operand size overrides; it only honors the REX.W override making it CMPXCHG16B. So, the operand size is always 8 or 16. When support for CMPXCHG16B emulation was added to the instruction emulator, this restriction on the...
Xen elevation of privilege vulnerability (CNVD-2016-12348)
Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. An elevation of privilege...
xen-kernel -- x86 CMPXCHG8B emulation fails to ignore operand size override
The Xen Project reports: The x86 instruction CMPXCHG8B is supposed to ignore legacy operand size overrides; it only honors the REX.W override making it CMPXCHG16B. So, the operand size is always 8 or 16. When support for CMPXCHG16B emulation was added to the instruction emulator, this restriction...
Joyent SmartOS Hyprlofs FS IOCTL Native File System name Buffer Overflow Privilege Escalation Vulnerability
Summary An exploitable buffer overflow exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer...
Researchers Question Security in AMD's Upcoming Zen Chips
As more computing heads to the clouds, security researchers are questioning the security of virtual machine control panels called hypervisors. One of the first hardware-based solutions to address these concerns will be deployed by chip manufacturer AMD, called Secure Encrypted Virtualization. The...
Xen Denial of Service Vulnerability (CNVD-2016-12158)
Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a denial of service...
Debian DSA-3729-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-7777 XSA-190 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially...
Xen Multiple Vulnerabilities (XSA-191 - XSA-198)
According to its self-reported version number, the Xen hypervisor installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the injectswint function in x86emulate.c due to improper handling of the format of IDT lookups...
[SECURITY] [DSA 3729-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3729-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 07, 2016 https://www.debian.org/security/faq -...
DSA-3729-1 xen - security update
Bulletin has no description...
FreeBSD : xen-kernel -- x86: Mishandling of instruction pointer truncation during emulation (49211361-ba4d-11e6-ae1b-002590263bf5)
The Xen Project reports : When emulating HVM instructions, Xen uses a small i-cache for fetches from guest memory. The code that handles cache misses does not check if the address from which it fetched lies within the cache before blindly writing to it. As such it is possible for the guest to...
[SECURITY] Fedora 25 Update: xen-4.7.1-3.fc25
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 24 Update: xen-4.6.4-2.fc24
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 25 Update: xen-4.7.1-3.fc25
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 23 Update: xen-4.5.5-4.fc23
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
ARM guests may induce host asynchronous abort
ISSUE DESCRIPTION Depending on how the hardware and firmware have been integrated, guest-triggered asynchronous aborts SError on ARMv8 may be received by the hypervisor. The current action is to crash the host. A guest might trigger an asynchronous abort when accessing memory mapped hardware in a...
Xen elevation of privilege vulnerability (CNVD-2016-11705)
Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has an elevation of privilege...
Debian DLA-720-1 : xen security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-9379, CVE-2016-9380 XSA-198 pygrub, the boot loader emulator, fails to quote or sanity check its results when reporting them to its...