Fedora

Fedora 20 Security Update: xen-4.3.4-6.fc20

Leave a comment

Resolved Bugs
1223846 – CVE-2015-4103 xen: potential unintended writes to host MSI message data field via qemu (xsa-128)
1223851 – CVE-2015-4104 xen: PCI MSI mask bits inadvertently exposed to guests (xsa-129)
1223853 – xen: guest triggerable qemu MSI-X pass-through error messages (xsa-130)
1223859 – xen: unmediated PCI register access in qemu (xsa-131)
1230537 – CVE-2015-3209 xen: qemu: pcnet: multi-tmd buffer overflow in the tx path [fedora-all]
1225882 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
1227627 – CVE-2015-4103 xen: potential unintended writes to host MSI message data field via qemu (xsa-128) [fedora-all]
1227628 – CVE-2015-4104 xen: PCI MSI mask bits inadvertently exposed to guests (xsa-129) [fedora-all]
1227629 – CVE-2015-4105 xen: guest triggerable qemu MSI-X pass-through error messages (xsa-130) [fedora-all]
1227631 – CVE-2015-4106 xen: unmediated PCI register access in qemu (xsa-131) [fedora-all]<br
Heap overflow in QEMU PCNET controller, allowing guest->host escape
[XSA-135, CVE-2015-3209] (#1230537)
GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163]
vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164]
Potential unintended writes to host MSI message data field via qemu
[XSA-128, CVE-2015-4103],
PCI MSI mask bits inadvertently exposed to guests [XSA-129,
CVE-2015-4104],
Guest triggerable qemu MSI-X pass-through error messages [XSA-130,
CVE-2015-4105],
Unmediated PCI register access in qemu [XSA-131, CVE-2015-4106]

Leave a Reply