1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2014-15503

[FEDORA-2014-15503] Fedora 19: xen

Severity High
Affected Packages 1
CVEs 47
Info Packages References Vulnerabilities

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
Insufficient restrictions on certain MMU update hypercalls,
Missing privilege level checks in x86 emulation of far branches,
Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't
exploitable from xen

Package Affected Version
pkg:rpm/fedora/xen?distro=fedora-19 < 4.2.5.5.fc19
ID
FEDORA-2014-15503
Severity
high
Severity from
CVE-2014-7188
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2014-15503
Published
2014-12-01T19:01:01
(9 years ago)
Modified
2014-12-01T19:01:01
(9 years ago)
Rights
Copyright 2014 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1160664 Bug #1160664 - CVE-2014-8594 kernel: xen: Insufficient restrictions on certain MMU update hypercalls (xsa109) https://bugzilla.redhat.com/show_bug.cgi?id=1160664
Bugzilla 1160643 Bug #1160643 - CVE-2014-8595 kernel: xen: Missing privilege level checks in x86 emulation of far branches (xsa110) https://bugzilla.redhat.com/show_bug.cgi?id=1160643
Bugzilla 1078846 Bug #1078846 - CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function https://bugzilla.redhat.com/show_bug.cgi?id=1078846
Bugzilla 1166913 Bug #1166913 - CVE-2014-9030 kernel: xen: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling https://bugzilla.redhat.com/show_bug.cgi?id=1166913
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/xen?distro=fedora-19 fedora xen < 4.2.5.5.fc19 fedora-19
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date