RHSA-2012:1130-01 -- Redhat xenID: oval:org.secpod.oval:def:500860 | Date: (C)2012-08-25 (M)2023-12-07 |
Class: PATCH | Family: unix |
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain . Red Hat would like to thank Xinli Niu for reporting this issue. All users of xen are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the xend service must be restarted for this update to take effect.
Platform: |
Red Hat Enterprise Linux 5 |