Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25 and 28 are not fixed by this update and should be fixed i...

Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial of service/information leak)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2183Andrea Righi reported an issue in KSM, a memory-saving de-duplication...

UBUNTU-CVE-2013-4129

The bridge multicast implementation in the Linux kernel through 3.10.3 does not check whether a certain timer is armed before modifying the timeout value of that timer, which allows local users to cause a denial of service BUG and system crash via vectors involving the shutdown of a KVM virtual...

Microsoft Internet Explorer CMshtmlEd Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Oracle Linux 5 : kernel (ELSA-2013-1034-1)

From Red Hat Security Advisory 2013:1034 : Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS...

Oracle Linux 5 : kvm (ELSA-2012-0051)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0051 advisory. - Resolves: bz772079 EMBARGOED CVE-2012-0029 qemu-kvm: e1000: processtxdesc legacy mode packets heap overflow rhel-5.7.z - Resolves: bz770100...

Oracle Linux 5 : kernel (ELSA-2008-0275)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0275 advisory. 2.6.18-53.1.21.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 62193...

Oracle Linux 4 : kernel (ELSA-2009-1211)

From Red Hat Security Advisory 2009:1211 : Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

RedHat Update for kernel RHSA-2013:1034-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2013:1034-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RedHat Update for kernel RHSA-2013:1034-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

RHEL 5 : kernel (RHSA-2013:1034)

Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Ubuntu 4.10 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-219-1)

Al Viro discovered a race condition in the /proc file handler of network devices. A local attacker could exploit this by opening any file in /proc/sys/net/ipv4/conf// and waiting until that interface was shut down. Under certain circumstances this could lead to a kernel crash or even arbitrary co...

Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3)

USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. It was discovered that untrusted Java applets could create domain name resolution cache...

SuSE 11.2 Security Update : Xen (SAT Patch Number 7018)

XEN was updated to fix various bugs and security issues : The following security issues have been fixed : - xen: Domain builder Out-of-memory due to malicious kernel/ramdisk XSA 25. CVE-2012-4544 - XEN / qemu: guest administrator can access qemu monitor console XSA-19. CVE-2012-4411 - xen: Timer...

RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0880 advisory. - TLS: MITM attacks via session renegotiation CVE-2009-3555 - krb5: null pointer dereference in GSS-API library leads to DoS...

RHEL 5 : kernel (RHSA-2009:1466)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the...

DSA-2582-1 xen - denial of service

Bulletin has no description...

kernel: xen: VCPU timer overflow leads to PCPU deadlock and host death-by-watchdog

Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service Xen infinite loop and physical CPU consumption by setting a VCPU with an "inappropriate deadline."...

XEN: security and bugfix update (important)

This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...