5 matches found
FreeBSD : xen-kernel -- Information leak through version information hypercall (ef9d041e-27e2-11e5-a4a5-002590263bf5)
The Xen Project reports : The code handling certain sub-operations of the HYPERVISORxenversion hypercall fails to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents are copied into the destination of the operation, thus becomi...
Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)
HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version information hypercall Note that Tenable...
Fedora 21 : xen-4.4.1-16.fc21 (2015-3944)
Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 enable building pngs from fig files which is working again, fix oxenstored.service preset...
Fedora 22 : xen-4.5.0-6.fc22 (2015-3935)
Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version...
Xen version information hypercall information disclosure vulnerability
Xen is an open source virtual machine. Xen has a security vulnerability that allows a malicious HVM Guest to read sensitive data from other Guests via version information hypercall...