
Scientific Linux SL5: SLSA-2016:2963-1 Xen Critical Privilege Escalation

Important: xen security update
Date: Tue, 20 Dec 2016 16:43:00 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: xen on SL5.x i386/x86_64
MIME-Version: 1.0
Message-ID: <20161220164300.28913.83643@slpackages.fnal.gov>

Synopsis: Important: xen security update
Advisory ID: SLSA-2016:2963-1
Issue Date: 2016-12-20
CVE Numbers: CVE-2016-9637
--

Security Fix(es):

* An out-of-bounds array access issue was found in the Xen virtual machine
monitor, built with the QEMU ioport support. It could occur while doing
ioport read/write operations if a guest were to supply a 32-bit address
parameter. A privileged guest user/process could use this flaw to
potentially escalate their privileges on a host. (CVE-2016-9637)
--

SL5
 x86_64
 xen-debuginfo-3.0.3-148.el5_11.i386.rpm
 xen-debuginfo-3.0.3-148.el5_11.x86_64.rpm
 xen-libs-3.0.3-148.el5_11.i386.rpm
 xen-libs-3.0.3-148.el5_11.x86_64.rpm
 xen-3.0.3-148.el5_11.x86_64.rpm
 xen-devel-3.0.3-148.el5_11.i386.rpm
 xen-devel-3.0.3-148.el5_11.x86_64.rpm
 i386
 xen-debuginfo-3.0.3-148.el5_11.i386.rpm
 xen-libs-3.0.3-148.el5_11.i386.rpm
 xen-3.0.3-148.el5_11.i386.rpm
 xen-devel-3.0.3-148.el5_11.i386.rpm

- Scientific Linux Development Team
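
The bug class named in the advisory (a table with one slot per I/O port, indexed by a guest-supplied 32-bit address), shown as an added example next to a bounds-checked form. This is a simplified model written for this page, not Xen or QEMU source; the table layout and every function name are assumptions.

```c
#include <stdint.h>
#include <stddef.h>

/* Simplified model (assumption): x86 has 65536 I/O ports, so an emulator
 * can keep one handler slot per port. All names here are hypothetical. */
#define MAX_IOPORTS 0x10000u

typedef uint32_t (*ioport_read_fn)(uint32_t port);

static ioport_read_fn read_table[MAX_IOPORTS];

static uint32_t default_read(uint32_t port) { (void)port; return 0xffffffffu; }
static uint32_t demo_dev_read(uint32_t port) { return 0x1000u + port; }

void register_read(uint32_t port, ioport_read_fn fn)
{
    if (port < MAX_IOPORTS)
        read_table[port] = fn;
}

/* "Before" pattern: the 32-bit address is used directly as the index.
 * Any value >= MAX_IOPORTS would select a slot past the end of the table.
 * This returns the slot that WOULD be used without dereferencing it, so
 * the flaw can be observed without performing the bad access. */
size_t unchecked_slot(uint32_t addr)
{
    return (size_t)addr;            /* no bounds check */
}

/* Hardened pattern: reject out-of-range addresses before indexing. */
int checked_read(uint32_t addr, uint32_t *out)
{
    if (addr >= MAX_IOPORTS)
        return -1;                  /* refuse instead of indexing past the end */
    ioport_read_fn fn = read_table[addr] ? read_table[addr] : default_read;
    *out = fn(addr);
    return 0;
}

int main(void)
{
    uint32_t v;
    register_read(0x3f8, demo_dev_read);  /* constructed sample port */
    return (checked_read(0x3f8, &v) == 0 &&
            checked_read(0x103f8u, &v) == -1) ? 0 : 1;
}
```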
