Mehrere Probleme in Xen
ID: | FEDORA-2016-38b20aa50f |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | So, 20. März 2016, 07:31 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8817 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8818 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2538 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1922 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1714 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2392 |
Applikationen: | Xen |
Originalnachricht |
|
Name : xen Product : Fedora 22 Version : 4.5.2 Release : 9.fc22 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 (#1296080) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1296060 - CVE-2016-1714 Qemu: nvram: OOB r/w access in processing firmware configurations https://bugzilla.redhat.com/show_bug.cgi?id=1296060 [ 2 ] Bug #1283934 - CVE-2016-1922 Qemu: i386: null pointer dereference in vapic_write() https://bugzilla.redhat.com/show_bug.cgi?id=1283934 [ 3 ] Bug #1284008 - CVE-2015-8613 Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info https://bugzilla.redhat.com/show_bug.cgi?id=1284008 [ 4 ] Bug #1298570 - CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines https://bugzilla.redhat.com/show_bug.cgi?id=1298570 [ 5 ] Bug #1299455 - Qemu: usb ehci out-of-bounds read in ehci_process_itd https://bugzilla.redhat.com/show_bug.cgi?id=1299455 [ 6 ] Bug #1301643 - CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write https://bugzilla.redhat.com/show_bug.cgi?id=1301643 [ 7 ] Bug #1303106 - CVE-2016-2841 Qemu: net: ne2000: infinite loop in ne2000_receive https://bugzilla.redhat.com/show_bug.cgi?id=1303106 [ 8 ] Bug #1303120 - CVE-2016-2538 Qemu: usb: integer overflow in remote NDIS control message handling https://bugzilla.redhat.com/show_bug.cgi?id=1303120 [ 9 ] Bug #1302299 - CVE-2016-2392 Qemu: usb: null pointer dereference in remote NDIS control message handling https://bugzilla.redhat.com/show_bug.cgi?id=1302299 [ 10 ] Bug #1304794 - CVE-2016-2391 Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1304794 [ 11 ] Bug #1296567 - CVE-2016-2857 Qemu: net: out of bounds read in net_checksum_calculate() https://bugzilla.redhat.com/show_bug.cgi?id=1296567 [ 12 ] Bug #1300771 - CVE-2015-8817 CVE-2015-8818 Qemu: OOB access in address_space_rw leads to segmentation fault https://bugzilla.redhat.com/show_bug.cgi?id=1300771 [ 13 ] Bug #1314676 - CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption https://bugzilla.redhat.com/show_bug.cgi?id=1314676 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |