Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Fedora 23: 2016-689f240960 Moderate: Fixes for Xen Security Flaws

fedora
Calendar Grey October 14, 2016
Dist Fedora Esm H88
An upgrade to Fedora 23 Xen has been implemented, addressing vulnerabilities related to directory traversal as well as heap overflow problems within the QEMU-KVM features.
qemu-kvm: Directory traversal flaw in 9p virtio backend [CVE-2016-7116] qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [CVE-2016-7161] CR0.TS and CR0.EM not always honored f...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

qemu-kvm: Directory traversal flaw in 9p virtio backend [CVE-2016-7116] qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [CVE-2016-7161] CR0.TS and CR0.EM not always honored for x86 HVM guest [XSA-190, CVE-2016-7777] ---- update to 4.5.5

Change Log

References


[ 1 ] Bug #1346349 - CVE-2016-7116 Qemu: 9p: directory traversal flaw in 9p virtio backend https://bugzilla.redhat.com/show_bug.cgi?id=1346349 [ 2 ] Bug #1379297 - CVE-2016-7161 qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite https://bugzilla.redhat.com/show_bug.cgi?id=1379297 [ 3 ] Bug #1377789 - CVE-2016-7777 xsa190 xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) https://bugzilla.redhat.com/show_bug.cgi?id=1377789

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: xen
Product: Fedora 23
Version: 4.5.5
Release: 2.fc23
Summary: Xen is a virtual machine monitor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.