DEBIAN-CVE-2015-7835

The modl2entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping...

CVE-2015-7835

The modl2entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping...

CVE-2015-7813

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of 1 HYPERVISORphysdevop hypercalls, which are not properly handled in the dophysdevop function in...

DEBIAN-CVE-2015-7813

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of 1 HYPERVISORphysdevop hypercalls, which are not properly handled in the dophysdevop function in...

CVE-2015-7813

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of 1 HYPERVISORphysdevop hypercalls, which are not properly handled in the dophysdevop function in...

Xen Patches VM Escape Vulnerability

The Xen Project, which oversees the open source Xen hypervisor, yesterday patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system. The flaw is so bad that the developers of the Qubes OS Project, a security-heavy operati...

arm: various unimplemented hypercalls log without rate limiting

ISSUE DESCRIPTION The HYPERVISORphysdevop hypercall and most suboperations of the HYPERVISORhvmop hypercall are not currently implemented by Xen on ARM and when called will log the use to the hypervisor console. However these guest accessible log messages are not rate-limited. IMPACT A malicious...

[SECURITY] Fedora 22 Update: xen-4.5.1-13.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.3-6.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20151022)

A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance denial of service or potentially execute arbitrary code on the host...

PT-2015-2758 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2.6 Xen versions 4.3.x through 4.6.x Description: The issue is related to errors in resource management within the KVM subsystem of the Linux kernel and the Xen hypervisor. It allows a local attacker to cause ...

How to Use IIS to Acquire SSL Certificates for XenServer or Citrix Hypervisor

This article describes how to create a certificate in IIS and transfer it to a XenServer or Citrix Hypervisor server. This article applies to Citrix Hypervisor 8.1 or earlier...

SUSE: Security Advisory for Xen (SUSE-SU-2014:0446-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Xen (SUSE-SU-2015:0613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for xen (SUSE-SU-2015:0022-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: xen-4.4.3-5.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 23 Update: xen-4.5.1-13.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

spice security update

CentOS Errata and Security Advisory CESA-2015:1889 An updated spice-server package that fixes two security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: spice security update

Updated spice packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

Oracle: Security Advisory (ELSA-2009-1670)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...