Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 20 Dec 2016 16:43:00 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: xen on SL5.x i386/x86_64 MIME-Version: 1.0 Message-ID: <20161220164300.28913.83643@slpackages.fnal.gov> Synopsis: Important: xen security update Advisory ID: SLSA-2016:2963-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-9637 -- Security Fix(es): * An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637) -- SL5 x86_64 xen-debuginfo-3.0.3-148.el5_11.i386.rpm xen-debuginfo-3.0.3-148.el5_11.x86_64.rpm xen-libs-3.0.3-148.el5_11.i386.rpm xen-libs-3.0.3-148.el5_11.x86_64.rpm xen-3.0.3-148.el5_11.x86_64.rpm xen-devel-3.0.3-148.el5_11.i386.rpm xen-devel-3.0.3-148.el5_11.x86_64.rpm i386 xen-debuginfo-3.0.3-148.el5_11.i386.rpm xen-libs-3.0.3-148.el5_11.i386.rpm xen-3.0.3-148.el5_11.i386.rpm xen-devel-3.0.3-148.el5_11.i386.rpm - Scientific Linux Development Team