Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 23: 2015-11-08 Critical: Xen Security Fixes for VMs

fedora
Calendar Grey November 8, 2015
Dist Fedora Esm H88
Fedora 23 enhances the xen hypervisor's security model, addressing critical vulnerabilities while improving virtual machine reliability and performance.
nine security updates CVE-2015-7969 CVE-2015-7970 CVE-2015-7813 CVE-2015-7814 CVE-2015-7812 CVE-2015-7971 CVE-2015-7835 CVE-2015-7972

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

nine security updates CVE-2015-7969 CVE-2015-7970 CVE-2015-7813 CVE-2015-7814 CVE-2015-7812 CVE-2015-7971 CVE-2015-7835 CVE-2015-7972

Change Log

References


[ 1 ] Bug #1272519 - CVE-2015-7969 xen: leak of main per-domain vcpu pointer array https://bugzilla.redhat.com/show_bug.cgi?id=1272519 [ 2 ] Bug #1272529 - CVE-2015-7970 xen: Long latency populate-on-demand operation is not preemptible on x86 https://bugzilla.redhat.com/show_bug.cgi?id=1272529 [ 3 ] Bug #1271626 - CVE-2015-7813 xen: Various unimplemented hypercalls log without rate limiting on ARM https://bugzilla.redhat.com/show_bug.cgi?id=1271626 [ 4 ] Bug #1271630 - CVE-2015-7814 xen: Race between domain destruction and memory allocation decrease on ARM https://bugzilla.redhat.com/show_bug.cgi?id=1271630 [ 5 ] Bug #1271621 - CVE-2015-7812 xen: Host crash when preempting a multicall on ARM https://bugzilla.redhat.com/show_bug.cgi?id=1271621 [ 6 ] Bug #1272525 - CVE-2015-7971 xen: Some pmu and profiling hypercalls log without rate limiting on x86 https://bugzilla.redhat.com/show_bug.cgi?id=1272525 [ 7 ] Bug #1271971 - CV...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xen
Product: Fedora 23
Version: 4.5.1
Release: 14.fc23
Summary: Xen is a virtual machine monitor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.