Debian Security Advisory DSA 3633-1 (xen - security update)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations. CVE-2016-4480 Jan...

FreeBSD : xen-kernel -- x86: Missing SMAP whitelisting in 32-bit exception / event delivery (04cf89e3-5854-11e6-b334-002590263bf5)

The Xen Project reports : Supervisor Mode Access Prevention is a hardware feature designed to make an Operating System more robust, by raising a pagefault rather than accidentally following a pointer into userspace. However, legitimate accesses into userspace require whitelisting, and the excepti...

Debian DSA-3633-1 : xen - security update (Bunker Buster)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations. - CVE-2016-448...

Cisco Nexus 1000v Application Virtual Switch Cisco Discovery Protocol Packet Processing Denial of Service Vulnerability (cisco-sa-20160727-avs)

A vulnerability in Cisco Discovery Protocol packet processing for the Cisco Nexus 1000v Application Virtual Switch AVS could allow an unauthenticated, remote attacker to cause the ESXi hypervisor to crash and display a purple diagnostic screen, resulting in a denial of service DoS condition...

CVE-2016-1465

Cisco Nexus 1000v Application Virtual Switch AVS devices before 5.21SV31.5i allow remote attackers to cause a denial of service ESXi hypervisor crash and purple screen via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985...

[SECURITY] [DSA 3633-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3633-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 27, 2016 https://www.debian.org/security/faq -...

Cisco Nexus 1000v Application Virtual Switch Cisco Discovery Protocol Packet Processing Denial of Service Vulnerability

A vulnerability in Cisco Discovery Protocol packet processing for the Cisco Nexus 1000v Application Virtual Switch AVS could allow an unauthenticated, remote attacker to cause the ESXi hypervisor to crash and display a purple diagnostic screen, resulting in a denial of service DoS condition. The...

DSA-3633-1 xen - security update

Bulletin has no description...

x86: Missing SMAP whitelisting in 32-bit exception / event delivery

ISSUE DESCRIPTION Supervisor Mode Access Prevention is a hardware feature designed to make an Operating System more robust, by raising a pagefault rather than accidentally following a pointer into userspace. However, legitimate accesses into userspace require whitelisting, and the exception...

PVS Targets Displays Blue Screen With Error Code 7B On Xenserver 6.1 and Later

PVS targets give a blue screen error code 7B when on Xenserver 6.1 or later hypervisor...

The vulnerability of Xen hypervisors, which allows a malicious actor to trigger a service failure

The vulnerability of Xen hypervisors is related to resource management errors. Exploiting this vulnerability allows a local attacker to cause service failures by performing incorrect operations until the disk space of the logging subsystem is exhausted...

The vulnerability of Xen hypervisors, which allows a malicious actor to trigger a service failure

The vulnerability of the GNTTABOPswapgrantref function in Xen administrators’ scripts is related to pointer swapping errors. Exploiting this vulnerability could allow an attacker, operating locally, to cause a service failure by creating instances of the GNTTABOPsetuptable or GNTTABOPsetversion...

The vulnerability of VMware Workstation’s hypervisor allows users of the guest operating system to execute code on the host operating system.

The vulnerability of the TPView.dll library in VMware Workstation involves resource management errors. Exploiting this vulnerability allows users of the guest operating system to execute code on the host operating system...

The vulnerability of the VMware Workstation hypervisor allows users of the guest operating system to trigger a failure in the service provided by the host operating system.

The vulnerability of the TPView.dll library in VMware Workstation involves resource management errors. Exploiting this vulnerability can allow users of the guest operating system to cause failures in the host operating system...

The vulnerability of the VMware ESXi hypervisor allows a malicious individual to escalate privileges or cause service failures.

Buffer overflow in the XPDM driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1 allows users of the guest operating system to increase privileges or cause a service failure...

The vulnerability of Xen hypervisors, which allows a malicious actor to trigger a service failure

The vulnerability of Xen hypervisors is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures using the guest operating system...

The vulnerability of VMware Fusion allows users of the guest operating system to execute code on the host operating system.

The vulnerability of the TPInt.dll library in VMware Fusion’s hypervisor is related to resource management errors. Exploiting this vulnerability allows users of the guest operating system to execute code on the host operating system...

The vulnerability of VMware Workstation’s hypervisor allows users of the guest operating system to execute code on the host operating system.

The vulnerability of the TPInt.dll library in VMware Workstation involves resource management errors. Exploiting this vulnerability allows users of the guest operating system to execute code on the host operating system...

The vulnerability of Xen hypervisors allows a hacker to write data to a disk that is only intended for reading.

The vulnerability of the libxl library in Xen hypervisors arises from the lack of restrictions on writing data when using the qemu-xen device. Exploiting this vulnerability allows a malicious actor to write data to a disk that is intended only for reading...

The vulnerability of Xen hypervisors, which allows a malicious actor to trigger a service failure

The vulnerability of the compatiret function in Xen supervisors is related to resource management errors. Exploiting this vulnerability can allow a malicious actor, operating locally, to trigger a service failure by calling the hypercalliret function with the EFLAGS.VM parameter set...