Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002066)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002066 advisory. The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002041 advisory. The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users...

SUSE CVE-2013-0231

The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are...

OracleVM 3.3 : kernel-uek (OVMSA-2016-0084)

The remote OracleVM system is missing necessary patches to address critical security updates : - Revert 'x8664: expand kernel stack to 16K' Chuck Anderson Orabug: 23608686 - megaraidsas : Update threshold based reply post host index register Orabug: 23562756 - xen/events: Don't move disabled irqs...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3573)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3573 advisory. kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events:...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events: Don't move disabled irqs Ross Lagerwall Orabug: 23055234 - xen/events: Mask a moving irq Boris Ostrovsky Orabug: 23055234 - xen/pciback: Save t...

Null pointer dereference

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...

kernel-uek security update

kernel-uek 4.1.12-32.1.2 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728 4.1.12-32.1.1 - ocfs2: return non-zero stblocks for inline data John Haxby Orabug: 22218243 - xen/events/fifo: Consume unprocessed events when a CPU dies Ross Lagerwall Orabug:...

UBUNTU-CVE-2015-8552

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service disk consumption by leveraging a system with access to a...

UBUNTU-CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...

OracleVM 3.3 : kernel-uek (OVMSA-2015-0060)

The remote OracleVM system is missing necessary patches to address critical security updates : - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3035)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3035 advisory. - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCICOMMAND on PCI...

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3019)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3019 advisory. - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20799875 CVE-2014-8159 CVE-2014-8159 - xen-pciback: lim...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3020)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3020 advisory. - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20788393 CVE-2014-8159 CVE-2014-8159 - xen-pciback: lim...

Unmediated PCI command register access in qemu

ISSUE DESCRIPTION HVM guests are currently permitted to modify the memory and I/O decode bits in the PCI command register of devices passed through to them. Unless the device is an SR-IOV virtual function, after disabling one or both of these bits subsequent accesses to the MMIO or I/O port range...

OracleVM 3.1 : kernel-uek (OVMSA-2013-0010)

The remote OracleVM system is missing necessary patches to address critical security updates : - xen-pciback: rate limit error messages from xenpcibkenablemsi,x Jan Beulich Orabug: 16243736 CVE-2013-0231 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio...

openSUSE Security Update : kernel (openSUSE-SU-2013:0395-1)

The Linux kernel was updated to 3.4.33 and to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: A out of bounds access in sockdiag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime o...

openSUSE Security Update : kernel (openSUSE-SU-2013:0951-1)

The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perfsweventinit function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2503)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2503 advisory. - kmod: make requestmodule killable Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - kmod: introduce callmodprobe helper Oleg Nesterov Orabug: 162863...