EUVD-2009-3507

Malware in sbrugna...

SUSE CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

SUSE CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in fixuppagefault in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hyperviso...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service...

Denial Of Service (DoS)

xen is vulnerable to denial of service DoS. The vulnerability exists as it was discovered that the hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description properly. This could allow a privileged user in the unprivileged domain DomU to cause...

Denial Of Service (DoS)

xen is vulnerable to denial of service. The hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description. This could allow a malicious user to cause a denial of service, or to use a specially crafted frontend to compromise the privileged domain...

Fuzzing para-virtualized devices in Hyper-V

Introduction Introduction Hyper-V is the backbone of Azure, running on its Hosts to provide efficient and fair sharing of resources, but also isolation. That’s why we, in the vulnerability research team for Windows, have been working in the background for years now helping secure Hyper-V. And why...

Fuzzing para-virtualized devices in Hyper-V

Introduction Hyper-V is the backbone of Azure, running on its Hosts to provide efficient and fair sharing of resources, but also isolation. That’s why we, in the vulnerability research team for Windows, have been working in the background for years now helping secure Hyper-V. And why Microsoft...

CVE-2012-2625

The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service memory consumption via a large 1 bzip2 or 2 lzma compressed kernel image...

CVE-2012-2625

CVE-2012-2625 affects the PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, and in Xen 4.2.x and 4.1.x. It allows local para-virtualized guest users to cause a denial of service by triggering memory consumption when loading a kernel image that is large and compressed (either...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Note: Troy Dawson has tested this update on a machine hosting both paravirtualized and fully virtualized machines, both 32 bit and 64 bit. He did the update while all the machines were running, none of them had any problems. He also tried stopping, starting, and rebooting several of the machines...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

CVE-2009-3525 Xen: PyGrub missing support for password configuration command The pyGrub boot loader did not honor the 'password' option in the grub.conf file for para-virtualized guests. Users with access to a guest's console could use this flaw to bypass intended access restrictions and boot the...

Scientific Linux Security Update : Virtio on SL3.x i386/x86_64

This new package provides signed, para-virtualized block and network drivers for Scientific Linux 3 as a KVM virtualized guest. Users may see various warnings during package installation, including : - Different versions of package are already installed. Older versions of the package may cause...

kernel: x86-64: avoid sysret to non-canonical address

It was found that the Xen hypervisor implementation as shipped with Red Hat Enterprise Linux 5 did not properly restrict the syscall return addresses in the sysret return path to canonical addresses. An unprivileged user in a 64-bit para-virtualized guest, that is running on a 64-bit host that ha...

CentOS Update for xen CESA-2009:1472 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for xen CESA-2009:1472 centos5 i386

Check for the Version of xen OpenVAS Vulnerability Test CentOS Update for xen CESA-2009:1472 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Security Advisory RHSA-2009:1472

The remote host is missing updates announced in advisory RHSA-2009:1472. Xen is an open source virtualization framework. Virtualization allows users to run guest operating systems in virtual machines on top of a host operating system. The pyGrub boot loader did not honor the password option in th...

CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

Design/Logic Flaw

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...