7 matches found
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout
Xen - Broken Check in memoryexchange Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...
xen-kernel -- broken check in memory_exchange() permits PV guest breakout
The Xen Project reports: The XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing fo...
SUSE SLED10 / SLES10 Security Update : Xen (SUSE-SU-2012:1606-1)
This update fixes the following security issues in xen : - CVE-2012-5513: XENMEMexchange may overwrite hypervisor memory XSA-29 - CVE-2012-5515: Several memory hypercall operations allow invalid extent order values XSA-31 Also the following bugs have been fixed and upstream patches have been...
OracleVM 2.2 : xen (OVMSA-2012-0058)
The remote OracleVM system is missing necessary patches to address critical security updates : XSA-27: hvm: Limit the size of large HVM op batches orabug 15907978 CVE-2012-5511 XSA-29: add missing guest address range checks to XENMEMexchange handlers orabug 15907996 CVE-2012-5513 XSA-30: xen: fix...
openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : xen-4.1.3-6.fc16 (2012-19828)
A guest can cause xen to crash XSA-26, CVE-2012-5510 883082 An HVM guest can cause xen to run slowly or crash XSA-27, CVE-2012-5511 883084 An HVM guest can cause xen to crash or leak information XSA-28, CVE-2012-5512 883085 A PV guest can cause xen to crash and might be able escalate privileges...
Fedora 17 : xen-4.1.3-7.fc17 (2012-19717)
A guest can cause xen to crash XSA-26, CVE-2012-5510 883082 An HVM guest can cause xen to run slowly or crash XSA-27, CVE-2012-5511 883084 An HVM guest can cause xen to crash or leak information XSA-28, CVE-2012-5512 883085 A PV guest can cause xen to crash and might be able escalate privileges...