EUVD-2009-3507

Malware in sbrugna...

microcode_ctl security update

2:2.1-73.13.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 2:2.1-73.13.0.2 - roll back 06-6a-06 to 0xd0002a0 due to PCIe issues on reset Orabug: 34076312 2:2.1-73.13.0.1 - for Intel, do not trigger load if on-disk...

microcode_ctl security, bug fix and enhancement update

2:2.1-73.11.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17...

microcode_ctl security, bug fix and enhancement update

2:2.1-61.6.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - do not late...

microcode_ctl security, bug fix and enhancement update

3:1.17-33.26.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - set earlymicrocode='no' in virtualized guests to avoid early load...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service...

Information Disclosure

xen is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the QEMU block format auto-detection, when running fully-virtualized guests and using Qemu images written on removable media USB storage, 3.5" disks. Privileged users of such fully-virtualized guests DomU...

Information Disclosure

xen is vulnerable to information disclosure. A security vulnerability was discovered in the QEMU block format auto-detection, when running fully-virtualized guests. Such fully-virtualized guests, with a raw formatted disk image, were able to write a header to that disk image describing another...

microcode_ctl security update

3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...

microcode_ctl security update

2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...

Important: Red Hat Security Advisory: spice-server security update

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2018-3522)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

spice security update

CentOS Errata and Security Advisory CESA-2018:3522 An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CentOS Update for xen CESA-2015:2065 centos5

Check the version of xen SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882324";...

CentOS 5 : xen (CESA-2015:2065)

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

Important: Red Hat Security Advisory: xen security update

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

RedHat Update for spice RHSA-2015:1714-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 5 : xen (CESA-2015:1002) (Venom)

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

Important: Red Hat Security Advisory: spice-server security update

An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20130306)

A flaw was found in the way QEMU emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a fully- virtualized guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitra...