Oracle Linux 5 : kernel (ELSA-2016-0450)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0450 advisory. - fb vm: convert fbmmap to vmiomapmemory helper Jacob Tanenbaum 1035240 CVE-2013-2596 - s390 add dummy ioremappfnrange to asm-s390/pgtable.h Jacob...

RedHat Update for kernel RHSA-2016:0450-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : kernel (RHSA-2016:0450)

Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20160315)

An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...

xen: hypervisor memory corruption due to x86 emulator flaw (xsa123)

It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RHEL 6 : rhev-hypervisor (RHSA-2016:0379) (DROWN)

An updated rhev-hypervisor package that fixes several security issues, bugs, and enhancements is now available. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

[SECURITY] Fedora 22 Update: xen-4.5.2-8.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 23 Update: xen-4.5.2-8.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

How to trigger a memory dump from a Windows virtual machine

This article describes how to trigger and capture a memory dump from a Windows Virtual Machine VM running on a XenServer 8 or Citrix Hypervisor 8.2 CU1 host. Refer to the Microsoft KB article, Generate a kernel or complete crash dump for more information. Troubleshooting unresponsive Windows VMs...

Critical: Red Hat Security Advisory: rhev-hypervisor security update

Updated rhev-hypervisor packages that fix one security issue are now available. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the...

DEBIAN-CVE-2016-2271

VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service guest crash via vectors related to a non-canonical RIP...

UBUNTU-CVE-2016-2271

VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service guest crash via vectors related to a non-canonical RIP...

Xen Project Explains Patch SNAFU

Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday. On its company blog today, Xen acknowledged what it called an “oversight” and attempted to explain what went wrong. Effected is maintenance release...

x86: inconsistent cachability flags on guest mappings

ISSUE DESCRIPTION Multiple mappings of the same physical page with different cachability setting can cause problems. While one category risk of using stale data affects only guests themselves and hence avoiding this can be left for them to control, the other category being Machine Check exception...

[SECURITY] Fedora 22 Update: xen-4.5.2-7.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 23 Update: xen-4.5.2-7.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free

Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free / Source: https://code.google.com/p/google-security-research/issues/detail?id=580 The hvspace lock group gets an extra ref dropped when you kill a process with an AppleHV userclient; one via IOService::terminateWorker calling the...

Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free

Exploit for macOS platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=580 The hvspace lock group gets an extra ref dropped when you kill a process with an AppleHV userclient; one via IOService::terminateWorker calling the AppleHVClient::fre...

Xen 'PV superpage' function security bypass vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in t...