1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2014-2188

[FEDORA-2014-2188] Fedora 19: xen

Severity High
Affected Packages 1
CVEs 31
Info Packages References Vulnerabilities

three security fixes:
integer overflow in several XSM/Flask hypercalls [XSA-84]
Off-by-one error in FLASK_AVC_CACHESTAT hypercall [XSA-85]
libvchan failure handling malicious ring indexes [XSA-86]

Package Affected Version
pkg:rpm/fedora/xen?distro=fedora-19 < 4.2.3.15.fc19
ID
FEDORA-2014-2188
Severity
high
Severity from
CVE-2014-1666
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2014-2188
Published
2014-02-16T23:17:37
(10 years ago)
Modified
2014-02-16T23:17:37
(10 years ago)
Rights
Copyright 2014 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1062326 Bug #1062326 - CVE-2014-1891 CVE-2014-1892 CVE-2014-1893 CVE-2014-1894 xen: integer overflow in several XSM/Flask hypercalls (xsa-84) https://bugzilla.redhat.com/show_bug.cgi?id=1062326
Bugzilla 1062329 Bug #1062329 - CVE-2014-1895 xen: Off-by-one error in FLASK_AVC_CACHESTAT hypercall (xsa-85) https://bugzilla.redhat.com/show_bug.cgi?id=1062329
Bugzilla 1062331 Bug #1062331 - CVE-2014-1896 xen: libvchan failure handling malicious ring indexes (xsa-86) https://bugzilla.redhat.com/show_bug.cgi?id=1062331
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/xen?distro=fedora-19 fedora xen < 4.2.3.15.fc19 fedora-19
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date