Download
| Alert*
oval:org.secpod.oval:def:111678
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:111677 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:111670 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89045300 This update for xen fixes several issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host - CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivilege ... oval:org.secpod.oval:def:1800696 CVE-2016-9386, XSA-191: x86 null segments not always treated as unusable Reference CVE-2016-9382, XSA-192: x86 task switch to VM86 mode mis-handled Reference CVE-2016-9385, XSA-193: x86 segment base write emulation lacking canonical address checks Reference CVE-2016-9384, XSA-194: guest 32-bit ELF s ... oval:org.secpod.oval:def:89045342 xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host . - CVE-2016-9386: x86 null segments were not always treated as unusable allo ... oval:org.secpod.oval:def:1800306 CVE-2016-9386, XSA-191: x86 null segments not always treated as unusable. Reference: CVE-2016-9382, XSA-192: x86 task switch to VM86 mode mis-handled. Reference: CVE-2016-9385, XSA-193: x86 segment base write emulation lacking canonical address checks. Reference: CVE-2016-9383, XSA-195: x86 64-bit b ... oval:org.secpod.oval:def:602691 Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7777 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially allowing guest u ... |