[FEDORA-2014-15503] Fedora 19: xen
Severity
High
Affected Packages
1
CVEs
47
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
Insufficient restrictions on certain MMU update hypercalls,
Missing privilege level checks in x86 emulation of far branches,
Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't
exploitable from xen
Package | Affected Version |
---|---|
pkg:rpm/fedora/xen?distro=fedora-19 | < 4.2.5.5.fc19 |
- ID
- FEDORA-2014-15503
- Severity
- high
- Severity from
- CVE-2014-7188
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2014-15503
- Published
-
2014-12-01T19:01:01
(9 years ago) - Modified
-
2014-12-01T19:01:01
(9 years ago) - Rights
- Copyright 2014 Red Hat, Inc.
- Other Advisories
-
- DSA-2666-1
- DSA-2909-1
- DSA-2910-1
- DSA-3006-1
- DSA-3041-1
- DSA-3128-1
- DSA-3140-1
- ELSA-2013-1449
- ELSA-2013-1790
- ELSA-2014-0108
- ELSA-2014-0285
- ELSA-2014-0420
- ELSA-2014-0926
- ELSA-2014-3034
- FEDORA-2013-10136
- FEDORA-2013-10247
- FEDORA-2013-10908
- FEDORA-2013-10929
- FEDORA-2013-10941
- FEDORA-2013-11768
- FEDORA-2013-11785
- FEDORA-2013-11837
- FEDORA-2013-11871
- FEDORA-2013-11874
- FEDORA-2013-16357
- FEDORA-2013-16371
- FEDORA-2013-17689
- FEDORA-2013-17704
- FEDORA-2013-17723
- FEDORA-2013-18300
- FEDORA-2013-18373
- FEDORA-2013-18378
- FEDORA-2013-19048
- FEDORA-2013-19053
- FEDORA-2013-20517
- FEDORA-2013-20544
- FEDORA-2013-20555
- FEDORA-2013-21000
- FEDORA-2013-21041
- FEDORA-2013-21057
- FEDORA-2013-22312
- FEDORA-2013-22325
- FEDORA-2013-22754
- FEDORA-2013-22866
- FEDORA-2013-22888
- FEDORA-2013-23251
- FEDORA-2013-23457
- FEDORA-2013-23466
- FEDORA-2013-7406
- FEDORA-2013-7426
- FEDORA-2013-7432
- FEDORA-2013-8571
- FEDORA-2013-8590
- FEDORA-2014-10445
- FEDORA-2014-11271
- FEDORA-2014-11641
- FEDORA-2014-12000
- FEDORA-2014-12002
- FEDORA-2014-12036
- FEDORA-2014-14033
- FEDORA-2014-1552
- FEDORA-2014-15521
- FEDORA-2014-1559
- FEDORA-2014-15951
- FEDORA-2014-15995
- FEDORA-2014-16017
- FEDORA-2014-16626
- FEDORA-2014-2170
- FEDORA-2014-2188
- FEDORA-2014-2802
- FEDORA-2014-2862
- FEDORA-2014-4424
- FEDORA-2014-4458
- FEDORA-2014-5825
- FEDORA-2014-5915
- FEDORA-2014-5941
- FEDORA-2014-6288
- FEDORA-2014-6970
- FEDORA-2014-7408
- FEDORA-2014-7423
- FEDORA-2014-7722
- FEDORA-2014-7734
- FEDORA-2014-8183
- FEDORA-2014-9472
- FEDORA-2014-9493
- FEDORA-2015-0331
- FEDORA-2015-0345
- FEDORA-2015-11247
- FEDORA-2015-12714
- FEDORA-2015-1886
- FEDORA-2015-3721
- FEDORA-2015-3944
- FEDORA-2015-5208
- FEDORA-2015-5402
- FEDORA-2015-6583
- FEDORA-2015-6670
- FEDORA-2015-8248
- FEDORA-2015-8252
- FEDORA-2015-8270
- FEDORA-2015-9466
- FEDORA-2015-9965
- FEDORA-2015-9978
- GLSA-201309-24
- GLSA-201407-03
- GLSA-201408-17
- GLSA-201412-42
- GLSA-201504-04
- RHSA-2014:0420
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:0870-1
- SUSE-SU-2015:0889-1
- SUSE-SU-2015:0940-1
- SUSE-SU-2015:1152-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-2092-1
- USN-2182-1
- XSA-100
- XSA-104
- XSA-105
- XSA-106
- XSA-108
- XSA-109
- XSA-110
- XSA-113
- XSA-45
- XSA-55
- XSA-57
- XSA-58
- XSA-60
- XSA-61
- XSA-62
- XSA-63
- XSA-66
- XSA-67
- XSA-68
- XSA-69
- XSA-70
- XSA-71
- XSA-72
- XSA-73
- XSA-74
- XSA-75
- XSA-76
- XSA-78
- XSA-80
- XSA-82
- XSA-83
- XSA-84
- XSA-85
- XSA-86
- XSA-87
- XSA-88
- XSA-89
- XSA-92
- XSA-96
- XSA-97
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1160664 | Bug #1160664 - CVE-2014-8594 kernel: xen: Insufficient restrictions on certain MMU update hypercalls (xsa109) | https://bugzilla.redhat.com/show_bug.cgi?id=1160664 |
Bugzilla | 1160643 | Bug #1160643 - CVE-2014-8595 kernel: xen: Missing privilege level checks in x86 emulation of far branches (xsa110) | https://bugzilla.redhat.com/show_bug.cgi?id=1160643 |
Bugzilla | 1078846 | Bug #1078846 - CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function | https://bugzilla.redhat.com/show_bug.cgi?id=1078846 |
Bugzilla | 1166913 | Bug #1166913 - CVE-2014-9030 kernel: xen: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling | https://bugzilla.redhat.com/show_bug.cgi?id=1166913 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/xen?distro=fedora-19 | fedora | xen | < 4.2.5.5.fc19 | fedora-19 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |