MiracleLinux 3 : xen-3.0.3-41.7AXS3 (AXSA:2008-256:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-256:01 advisory. This package contains the Xen tools and management daemons needed to run virtual machines on x86, x8664, and ia64 systems. Information on how to use...

CVE-2021-47377

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Updates to Citrix VM Tools for Linux - For Citrix Hypervisor 8.2 CU 1

Who Should Read This Article? This information is for customers using Citrix Hypervisor 8.2 Cumulative Update 1 who have the Citrix VM Tools for Linux installed on their Linux VMs. The following table lists the latest version of the Citrix VM Tools for Linux for Citrix Hypervisor 8.2 Cumulative...

UBUNTU-CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

Xen Denial of Service Vulnerability (CNVD-2015-07245)

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability exists in the 'libxlbuildpost' function in the tools/libxl/libxldom.c file and in the 'libxlsetmemory target' functions, due to a security flaw in the...

DEBIAN-CVE-2015-7972

The 1 libxlsetmemorytarget function in tools/libxl/libxl.c and 2 libxlbuildpost function in tools/libxl/libxldom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand PoD system, which allows local HVM guest users to cause a denial of service...

x86: populate-on-demand balloon size inaccuracy can crash guests

ISSUE DESCRIPTION The design of the memory populate-on-demand PoD system requires that a guest's memory ballooning driver reach its memory reduction target. The target is not entirely well-defined in terms of the information visible to the appropriate parts of the system, so some unknown set of...

[SECURITY] Fedora 17 Update: mom-0.3.0-1.fc17

MOM is a policy-driven tool that can be used to manage overcommitment on KVM hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At a regular collection interval, data is gathered about the host and guests. Data can come from multiple sources eg. the /proc interface, libvi...

[SECURITY] Fedora 18 Update: mom-0.3.0-1.fc18

MOM is a policy-driven tool that can be used to manage overcommitment on KVM hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At a regular collection interval, data is gathered about the host and guests. Data can come from multiple sources eg. the /proc interface, libvi...