17 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-12892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an...
Fedora 28 : xen (2018-a7862a75f5)
preemption checks bypassed in x86 PV MM handling XSA-264, CVE-2018-12891 1595959 x86: DB exception safety check can be triggered by a guest XSA-265, CVE-2018-12893 1595958 libxl fails to honour readonly flag on HVM emulated SCSI disks XSA-266, CVE-2018-12892 1595957 Note that Tenable Network...
SUSE SLES12 Security Update : xen (SUSE-SU-2018:2081-1)
This update for xen fixes the following issues: Security issues fixed : - CVE-2018-12891: Fix preemption checks bypass in x86 PV MM handling XSA-264 bsc1097521. - CVE-2018-12892: Fix libxl failure to honour readonly flag on HVM emulated SCSI disks XSA-266 bsc1097523. - CVE-2018-12893: Fix DB...
SUSE-SU-2018:1981-1 Security update for xen
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue XSA-267 bsc1095242. - CVE-2018-12891: Fix possible Denial of Service DoS via certain PV MMU operations that affect the entire host XSA-264 bsc1097521. - CVE-2018-12892: Fix libxl...
Design/Logic Flaw
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
ALPINE-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
UBUNTU-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
DEBIAN-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
CVE-2018-12892
Concretely, CVE-2018-12892 affects Xen 4.7–4.10.x when using libxl with qemu-xen: libxl fails to pass the readonly flag to QEMU for emulated SCSI disks (disk type sd) due to an erroneous merge conflict resolution. This can allow malicious guest administrators or certain users to write to original...
CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
[SECURITY] [DSA 4236-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4236-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2018 https://www.debian.org/security/faq -...
libxl fails to honour readonly flag on HVM emulated SCSI disks
ISSUE DESCRIPTION libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. IMPACT Malicious guest administrators or in some situations users may be able to write to supposedly read-only disk images. VULNERABLE...
Security update for xen (important)
This updates xen to version 4.4.406 to fix the following issues: - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...
RHEL 7 : virtio-win (RHSA-2015:1044)
An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: virtio-win security and bug fix update
An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Existing Hyper-V backup and replication jobs processing VM with SCSI disks start to consume x2 space on target storage after upgrade to v8
Challenge After upgrading to v8 the following issues are observed with the existing jobs processing Hyper-V VMs with SCSI disks: 1. First backup job run will transfer entire VM disks into the incremental backup storage. The following job runs will operate normally - regular incremental restore...