
5613 matches found

CNVD
added 2015/12/23 12:0 a.m. | 1 view

Xen 'ioreq' Remote Code Execution Vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A remote code execution vulnerabilit...

8.2 AI score
Exploits 0 | References 1

Fedora
added 2015/12/22 10:9 p.m. | 45 views

[SECURITY] Fedora 23 Update: xen-4.5.2-6.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

8.6 CVSS | 2.1 AI score | 0.02254 EPSS
Exploits 2

Tenable Nessus
added 2015/12/22 12:0 a.m. | 45 views

Scientific Linux Security Update : kernel on SL7.x x86_64 (20151208)

It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as #AC (alignment check exception) and #DB (debug exception)...

10 CVSS | 6.2 AI score | 0.02501 EPSS
Exploits 0 | References 3

Xen Project
added 2015/12/21 11:12 a.m. | 50 views

x86: unintentional logging upon guest changing callback method

ISSUE DESCRIPTION: HYPERVISOR_hvm_op sub-op HVMOP_set_param's HVM_PARAM_CALLBACK_IRQ operation intends to log the new callback method in debug builds only. The full message, however, is split into two parts, the second one of which didn't get suppressed on non-debug builds as would have been intended...

5 CVSS | 6 AI score | 0.01163 EPSS
Exploits 0

Fedora
added 2015/12/20 12:24 a.m. | 50 views

[SECURITY] Fedora 22 Update: xen-4.5.2-5.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

9 CVSS | 2.1 AI score | 0.0773 EPSS
Exploits 1

CNVD
added 2015/12/20 12:0 a.m. | 2 views

Xen Denial of Service Vulnerability (CNVD-2015-08403)

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. Xen has a security vulnerability that allows an attacker to exploit the vulnerability to crash the host with virtual machine administrator privileges to conduct a denial of servic...

4.4 CVSS | 7.9 AI score | 0.00446 EPSS
Exploits 0 | References 1

OpenVAS
added 2015/12/18 12:0 a.m. | 49 views

Ubuntu: Security Advisory (USN-2842-1)

The remote host is missing an update for the...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1 | References 2

OpenVAS
added 2015/12/18 12:0 a.m. | 45 views

Ubuntu: Security Advisory (USN-2841-2)

The remote host is missing an update for the...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1 | References 2

OpenVAS
added 2015/12/18 12:0 a.m. | 44 views

Ubuntu: Security Advisory (USN-2841-1)

The remote host is missing an update for the...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2015/12/18 12:0 a.m. | 57 views

Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-2843-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2843-2 advisory. Jan Beulich discovered that the KVM (svm) hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An...

10 CVSS | 6.5 AI score | 0.02501 EPSS
Exploits 1 | References 6

OpenVAS
added 2015/12/18 12:0 a.m. | 54 views

Ubuntu: Security Advisory (USN-2842-2)

The remote host is missing an update for the...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1 | References 2

OpenVAS
added 2015/12/18 12:0 a.m. | 49 views

Ubuntu: Security Advisory (USN-2840-1)

The remote host is missing an update for the...

10 CVSS | 6.5 AI score | 0.02501 EPSS
Exploits 0 | References 2

OSV
added 2015/12/17 7:59 p.m. | 3 views

DEBIAN-CVE-2015-8341

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains...

7.8 CVSS | 8.4 AI score | 0.02043 EPSS
Exploits 0 | References 1

NVD
added 2015/12/17 7:59 p.m. | 18 views

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

7.2 CVSS | 9.2 AI score | 0.00423 EPSS
Exploits 0 | References 4

UbuntuCve
added 2015/12/17 7:59 p.m. | 28 views

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

7.2 CVSS | 7.2 AI score | 0.00423 EPSS
Exploits 0 | References 2

Prion
added 2015/12/17 7:59 p.m. | 14 views

Code injection

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

7.2 CVSS | 7.5 AI score | 0.00423 EPSS
Exploits 0 | References 4 | Affected Software 1

CVE
added 2015/12/17 7:0 p.m. | 73 views

CVE-2015-8338

CVE-2015-8338 affects Xen 4.6.x and earlier. ARM guest OS administrators can trigger a denial of service by abusing page-order input limits in HYPERVISOR_memory_op suboperations (notably XENMEM_increase_reservation, XENMEM_populate_physmap, XENMEM_exchange), leading to CPU consumption, guest rebo...

7.2 CVSS | 8.7 AI score | 0.00423 EPSS
Exploits 0 | References 4 | Affected Software 1

Xen Project
added 2015/12/17 12:0 p.m. | 22 views

ioreq handling possibly susceptible to multiple read issue

ISSUE DESCRIPTION Single memory accesses in source code can be translated to multiple ones in machine code by the compiler, requiring special caution when accessing shared memory. Such precaution was missing from the hypervisor code inspecting the state of I/O requests sent to the device model fo...

2 AI score
Exploits 0 | Affected Software 1

Ubuntu
added 2015/12/17 8:8 a.m. | 73 views

USN-2842-2: Linux kernel (Vivid HWE) vulnerabilities

Jan Beulich discovered that the KVM (svm) hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the pp...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1

Ubuntu
added 2015/12/17 8:1 a.m. | 73 views

USN-2842-1: Linux kernel vulnerabilities

Jan Beulich discovered that the KVM (svm) hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the pp...

10 CVSS | 6.4 AI score | 0.02501 EPSS
Exploits 1