What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-12679
2015-08-03 16:36:08
--------------------------------------------------------------------------------

Name        : xen
Product     : Fedora 23
Version     : 4.5.1
Release     : 5.fc23
URL         : https://xen.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

QEMU heap overflow flaw while processing certain ATAPI commands.
[XSA-138, CVE-2015-5154] (#1247142)
try again to fix xen-qemu-dom0-disk-backend.service (#1242246)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1243563 - CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
        https://bugzilla.redhat.com/show_bug.cgi?id=1243563
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update xen' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 23: xen Security Update 2015-12679

August 10, 2015
QEMU heap overflow flaw while processing certain ATAPI commands

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

QEMU heap overflow flaw while processing certain ATAPI commands. [XSA-138, CVE-2015-5154] (#1247142) try again to fix xen-qemu-dom0-disk-backend.service (#1242246)

Change Log

References

[ 1 ] Bug #1243563 - CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access https://bugzilla.redhat.com/show_bug.cgi?id=1243563

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : xen
Product : Fedora 23
Version : 4.5.1
Release : 5.fc23
URL : https://xen.org/
Summary : Xen is a virtual machine monitor

Related News

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

Oct 19, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

Critical BusyBox Stack Overflow Vuln Fixed

Sep 22, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo