Information leak via internal x86 system device emulation

ISSUE DESCRIPTION Emulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor sta...

Information leak through version information hypercall

ISSUE DESCRIPTION The code handling certain sub-operations of the HYPERVISORxenversion hypercall fails to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents are copied into the destination of the operation, thus becoming visib...

virt-who: plaintext hypervisor passwords in world-readable /etc/sysconfig/virt-who configuration file

It was discovered that the /etc/sysconfig/virt-who configuration file, which may contain hypervisor authentication credentials, was world-readable. A local user could use this flaw to obtain authentication credentials from this file...

Moderate: Red Hat Security Advisory: virt-who security, bug fix, and enhancement update

An updated virt-who package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

xen-kernel -- Information leak via internal x86 system device emulation

The Xen Project reports: Emulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that...

xen-kernel -- Information leak through version information hypercall

The Xen Project reports: The code handling certain sub-operations of the HYPERVISORxenversion hypercall fails to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents are copied into the destination of the operation, thus becomin...

Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability

Windows Virtual PC is the latest Microsoft virtualization technology. A security bypass vulnerability exists in Microsoft Virtual PC Hypervisor Virtual Machine Monitor, which can be exploited by an attacker to bypass memory protection mechanisms and obtain sensitive information...

DEBIAN-CVE-2015-1563

The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged...

RHEL 6 : rhev-hypervisor6 (RHSA-2015:0126)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:0126 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

Critical: Red Hat Security Advisory: rhev-hypervisor6 security update

An updated rhev-hypervisor6 package that fixes multiple security issues is now available for Red Hat Enterprise Virtualization 3. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

arm: vgic: incorrect rate limiting of guest triggered logging

ISSUE DESCRIPTION On ARM systems the code which deals with virtualising the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting. IMPACT A malicious guest could cause repeated logging to the hypervisor console, leading ...

[SECURITY] Fedora 20 Update: xen-4.3.3-9.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 21 Update: xen-4.4.1-12.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

DEBIAN-CVE-2015-0361

Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service system crash via a crafted hypercall during HVM guest teardown...

Xen Denial of Service Vulnerability (CNVD-2015-00102)

Xen is an open source virtual machine. Xen suffers from a denial-of-service vulnerability that can be exploited by an attacker to crash the host operating system, effectively denying legitimate users...

Xen: Denial of service

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local user could possibly cause a Denial of Service condition. Workaround There is no known workaround at this time...

Citrix Hypervisor / XenServer Detection (SSH Login)

SSH login-based detection of Citrix Hypervisor / XenServer. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : xen-4.2.5-6.fc19 (2014-16017)

Excessive checking in compatibility mode hypercall argument translation, Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor, fix segfaults and failures in xl migrate --debug Note that Tenable Network Security has extracted the preceding description block directly from the...

[SECURITY] Fedora 19 Update: xen-4.2.5-6.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 20 Update: xen-4.3.3-6.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...