RHEL 6 / 7 : rhev-hypervisor (RHSA-2015:1011)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1011 advisory. The rhev-hypervisor packages provide a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

Important: Red Hat Security Advisory: rhev-hypervisor security update

Updated rhev-hypervisor packages that fix one security issue are now available. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20150513) (Venom)

An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileg...

qemu: arbitrary code execution

The guest operating system communicates with the FDC by sending commands such as seek, read, write, format, etc. to the FDCs input/output port. QEMUs virtual FDC uses a fixed-size buffer for storing these commands and their associated data parameters. The FDC keeps track of how much data to expec...

RHEL 7 : qemu-kvm-rhev (RHSA-2015:1000) (Venom)

Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

[SECURITY] Fedora 20 Update: xen-4.3.4-3.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.2-3.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

[SECURITY] Fedora 22 Update: xen-4.5.0-8.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20150422)

It was found that KVM's Write to Model Specific Register WRMSR instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host. CVE-2014-3610 A race condition flaw was found in the w...

SuSE 11.3 Security Update : Xen (SAT Patch Number 10560)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : - XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through to guests...

[SECURITY] Fedora 22 Update: xen-4.5.0-7.fc22

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Security update for xen (important)

Xen was updated to 4.3.4 to fix multiple vulnerabities and non-security bugs. The following vulnerabilities were fixed: - Long latency MMIO mapping operations are not preemptible XSA-125 CVE-2015-2752 bnc922705 - Unmediated PCI command register access in qemu XSA-126 CVE-2015-2756 bnc922706 -...

[SECURITY] Fedora 20 Update: xen-4.3.4-2.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.2-2.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service condition or obtain sensitive information. Workaround There...

CVE-2015-1138

Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors...

Design/Logic Flaw

Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors...

CVE-2015-1138

CVE-2015-1138 affects Apple OS X, where the hypervisor allows local users to cause a denial of service via unspecified vectors. Affected: OS X before 10.10.3. Impact is DoS with local access. Remediation: update to OS X 10.10.3 or later. Evidence references include the NVD entry for CVE-2015-1138...

CVE-2015-1138

Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors...