Fedora 20 : xen-4.3.1-6.fc20 (2013-23251)

Disaggregated domain management security status update, IOMMU TLB flushing may be inadvertently suppressed Lock order reversal between pagealloclock and mmrwlock, Hypercalls exposed to privilege rings 1 and 2 of HVM guests Insufficient TLB flushing in VT-d iommu code Note that Tenable Network...

SuSE 11.3 Security Update : Xen (SAT Patch Number 8588)

The Xen hypervisor and tool-suite have been updated to fix security issues and bugs : - XSA-73: A lock order reversal between page allocation and grant table locks could lead to host crashes or even host code execution. CVE-2013-4494 - XSA-74: A lock order reversal between pagealloclock and...

Fedora 18 : xen-4.2.3-10.fc18 (2013-22312)

Lock order reversal between pagealloclock and mmrwlock, Hypercalls exposed to privilege rings 1 and 2 of HVM guests, Insufficient TLB flushing in VT-d iommu code Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable ha...

Hypercalls exposed to privilege rings 1 and 2 of HVM guests

ISSUE DESCRIPTION The privilege check applied to hypercall attempts by a HVM guest only refused access from ring 3; rings 1 and 2 were allowed through. IMPACT Code running in the intermediate privilege rings of HVM guest OSes may be able to elevate its privileges inside the guest by careful...