ID CVE-2014-8867
Summary The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 5.0
    cpe:2.3:o:redhat:enterprise_linux:5.0
  • Red Hat Desktop 5.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
  • Xen Xen 3.2.0
    cpe:2.3:o:xen:xen:3.2.0
  • Xen Xen 3.2.1
    cpe:2.3:o:xen:xen:3.2.1
  • Xen Xen 3.2.2
    cpe:2.3:o:xen:xen:3.2.2
  • Xen Xen 3.2.3
    cpe:2.3:o:xen:xen:3.2.3
  • Xen 4.4.0
    cpe:2.3:o:xen:xen:4.4.0
  • Xen Xen 4.4.1
    cpe:2.3:o:xen:xen:4.4.1
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • OpenSUSE 13.1
    cpe:2.3:o:opensuse:opensuse:13.1
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
CVSS
Base: 4.9 (as of 25-08-2016 - 11:17)
Impact:
Exploitability:
CWE CWE-17
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Misc.
    NASL id CITRIX_XENSERVER_CTX200288.NASL
    description The remote host is running a version of Citrix XenServer that is affected by multiple vulnerabilities : - A local privilege escalation vulnerability exists due to improperly restricted access to 'PHYSDEVOP_{prepare,release}_msix' operations by unprivileged guests. An attacker with access to a guest operating system can exploit this issue to gain elevated privileges on affected computers. (CVE-2014-1666) - A local privilege escalation vulnerability exists due to missing privilege level checks in x86 emulation of far branches. This flaw exists in the CALL, JMP, and RETF instructions in the Intel assembly syntax, and the LCALL, LJMP, and LRET instructions in the AT&T syntax. An attacker with access to a guest operating system can exploit this issue to gain elevated privileges on affected computers. (CVE-2014-8595) - A denial of service vulnerability exists due to a failure to restrict access to the hypercall argument translation feature. An attacker with access to a guest operating system can crash the host with excessive checks on the final register state for 32-bit guests running on a 64-bit hypervisor. (CVE-2014-8866) - A denial of service vulnerability exists due to insufficient bounding of 'REP MOVS' to MMIO emulated inside of the hypervisor. This flaw affects the 'hvm_mmio_intercept()' function in 'intercept.c'. An attacker with access to a guest operating system can exploit this issue to crash the host. (CVE-2014-8867)
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 79745
    published 2014-12-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79745
    title Citrix XenServer Multiple Vulnerabilities (CTX200288)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_XEN-11SP3-2014-11-26-141127.NASL
    description Xen has been updated to version 4.2.5 with additional patches to fix six security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling. (CVE-2014-9030) - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor. (CVE-2014-8867) - Excessive checking in compatibility mode hypercall argument translation. (CVE-2014-8866) - Guest user mode triggerable VM exits not handled by hypervisor. (bnc#903850) - Missing privilege level checks in x86 emulation of far branches. (CVE-2014-8595) - Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594). These non-security issues have been fixed : - Xen save/restore of HVM guests cuts off disk and networking. (bnc#866902) - Windows 2012 R2 fails to boot up with greater than 60 vcpus. (bnc#882089) - Increase limit domUloader to 32MB. (bnc#901317) - Adjust xentop column layout. (bnc#896023)
    last seen 2019-02-21
    modified 2014-12-26
    plugin id 80254
    published 2014-12-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80254
    title SuSE 11.3 Security Update : Xen (SAT Patch Number 10018)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0142.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0142 for details.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 86670
    published 2015-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86670
    title OracleVM 3.2 : xen (OVMSA-2015-0142)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-0783.NASL
    description From Red Hat Security Advisory 2015:0783 : Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the 'REP MOVS' instructions. A privileged HVM guest user could potentially use this flaw to crash the host. (CVE-2014-8867, Important) Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and the Xen project for reporting CVE-2014-8867. This update also fixes the following bugs : * Under memory pressure, cached data was previously flushed to the backing server using the PID of the thread responsible for flushing the data in the Server Message Block (SMB) headers instead of the PID of the thread which actually wrote the data. As a consequence, when a file was locked by the writing thread prior to writing, the server considered writes by the thread flushing the pagecache as being a separate process from writing to a locked file, and thus rejected the writes. In addition, the data to be written was discarded. This update ensures that the correct PID is sent to the server, and data corruption is avoided when data is being written from a client under memory pressure. (BZ#1169304) * This update adds support for new cryptographic hardware in toleration mode for IBM System z. (BZ#1182522) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 82688
    published 2015-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82688
    title Oracle Linux 5 : kernel (ELSA-2015-0783)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2014-1691-1.NASL
    description Xen has been updated to fix six security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867). - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595). - Guest user mode triggerable VM exits not handled by hypervisor (bnc#903850). - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155). - Hypervisor heap contents leaked to guests (CVE-2014-4021). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 83651
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83651
    title SUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3140.NASL
    description Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. - CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in privilege escalation. - CVE-2014-8595 Jan Beulich discovered that missing privilege level checks in the x86 emulation of far branches may result in privilege escalation. - CVE-2014-8866 Jan Beulich discovered that an error in compatibility mode hypercall argument translation may result in denial of service. - CVE-2014-8867 Jan Beulich discovered that an insufficient restriction in acceleration support for the 'REP MOVS' instruction may result in denial of service. - CVE-2014-9030 Andrew Cooper discovered a page reference leak in MMU_MACHPHYS_UPDATE handling, resulting in denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81027
    published 2015-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81027
    title Debian DSA-3140-1 : xen - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-129.NASL
    description The XEN virtualization was updated to fix bugs and security issues : Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling CVE-2014-8867: XSA-112: xen: Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor CVE-2014-8866: XSA-111: xen: Excessive checking in compatibility mode hypercall argument translation CVE-2014-8595: XSA-110: xen: Missing privilege level checks in x86 emulation of far branches CVE-2014-8594: XSA-109: xen: Insufficient restrictions on certain MMU update hypercalls CVE-2013-3495: XSA-59: xen: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts CVE-2014-5146, CVE-2014-5149: xen: XSA-97 Long latency virtual-mmu operations are not preemptible Bugs fixed : - Restore missing fixes from block-dmmd script - bnc#904255 - XEN boot hangs in early boot on UEFI system - Fix missing banner by restoring figlet program - bnc#903357 - Corrupted save/restore test leaves orphaned data in xenstore - bnc#903359 - Temporary migration name is not cleaned up after migration - bnc#903850 - Xen: guest user mode triggerable VM exits not handled by hypervisor - bnc#866902 - Xen save/restore of HVM guests cuts off disk and networking - bnc#901317 - increase limit domUloader to 32MB - bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF device (SR-IOV) to guest - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus - bsc#900292 - xl: change default dump directory - Update xen2libvirt.py to better detect and handle file formats - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus - bnc#897906 - libxc: check return values on mmap() and madvise() on xc_alloc_hypercall_buffer() - bnc#896023 - Adjust xentop column layout
    last seen 2019-02-21
    modified 2015-02-12
    plugin id 81305
    published 2015-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81305
    title openSUSE Security Update : xen (openSUSE-2015-129)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0248.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0248 for details.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 111992
    published 2018-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111992
    title OracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201504-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201504-04 (Xen: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-04-17
    plugin id 82734
    published 2015-04-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82734
    title GLSA-201504-04 : Xen: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2014-1710-1.NASL
    description xen was updated to fix 14 security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867). - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155). - Hypervisor heap contents leaked to guests (CVE-2014-4021). - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595). - Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594). - Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts (CVE-2013-3495). - Missing privilege level checks in x86 emulation of software interrupts (CVE-2014-7156). - Race condition in HVMOP_track_dirty_vram (CVE-2014-7154). - Improper MSR range used for x2APIC emulation (CVE-2014-7188). - HVMOP_set_mem_type allows invalid P2M entries to be created (CVE-2014-3124). - HVMOP_set_mem_access is not preemptible (CVE-2014-2599). - Excessive checking in compatibility mode hypercall argument translation (CVE-2014-8866). - Guest user mode triggerable VM exits not handled by hypervisor (bnc#903850). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 83654
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83654
    title SUSE SLES11 Security Update : xen (SUSE-SU-2014:1710-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-113.NASL
    description The virtualization software XEN was updated to version 4.3.3 and also to fix bugs and security issues. Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling CVE-2014-8867: XSA-112: xen: Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor CVE-2014-8866: XSA-111: xen: Excessive checking in compatibility mode hypercall argument translation CVE-2014-8595: XSA-110: xen: Missing privilege level checks in x86 emulation of far branches CVE-2014-8594: XSA-109: xen: Insufficient restrictions on certain MMU update hypercalls CVE-2013-3495: XSA-59: xen: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts CVE-2014-5146, CVE-2014-5149: xen: XSA-97 Long latency virtual-mmu operations are not preemptible Bugs fixed : - bnc#903357 - Corrupted save/restore test leaves orphaned data in xenstore - bnc#903359 - Temporary migration name is not cleaned up after migration - bnc#903850 - VUL-0: Xen: guest user mode triggerable VM exits not handled by hypervisor - bnc#866902 - L3: Xen save/restore of HVM guests cuts off disk and networking - bnc#901317 - L3: increase limit domUloader to 32MB domUloader.py - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus - bsc#900292 - xl: change default dump directory - Update to Xen 4.3.3
    last seen 2019-02-21
    modified 2015-02-09
    plugin id 81239
    published 2015-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81239
    title openSUSE Security Update : xen (openSUSE-2015-113)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0004.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0004 for details.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 80928
    published 2015-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80928
    title OracleVM 3.3 : xen (OVMSA-2015-0004)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2014-1732-1.NASL
    description xen was updated to fix 10 security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867). - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595). - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155). - Hypervisor heap contents leaked to guests (CVE-2014-4021). - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595). - Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594). - Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts (CVE-2013-3495). - Missing privilege level checks in x86 emulation of software interrupts (CVE-2014-7156). - Race condition in HVMOP_track_dirty_vram (CVE-2014-7154). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 83659
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83659
    title SUSE SLES11 Security Update : xen (SUSE-SU-2014:1732-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20150407_KERNEL_ON_SL5_X.NASL
    description - It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) - An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the 'REP MOVS' instructions. A privileged HVM guest user could potentially use this flaw to crash the host. (CVE-2014-8867, Important) This update also fixes the following bugs : - Under memory pressure, cached data was previously flushed to the backing server using the PID of the thread responsible for flushing the data in the Server Message Block (SMB) headers instead of the PID of the thread which actually wrote the data. As a consequence, when a file was locked by the writing thread prior to writing, the server considered writes by the thread flushing the pagecache as being a separate process from writing to a locked file, and thus rejected the writes. In addition, the data to be written was discarded. This update ensures that the correct PID is sent to the server, and data corruption is avoided when data is being written from a client under memory pressure. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 82638
    published 2015-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82638
    title Scientific Linux Security Update : kernel on SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-0783.NASL
    description Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the 'REP MOVS' instructions. A privileged HVM guest user could potentially use this flaw to crash the host. (CVE-2014-8867, Important) Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and the Xen project for reporting CVE-2014-8867. This update also fixes the following bugs : * Under memory pressure, cached data was previously flushed to the backing server using the PID of the thread responsible for flushing the data in the Server Message Block (SMB) headers instead of the PID of the thread which actually wrote the data. As a consequence, when a file was locked by the writing thread prior to writing, the server considered writes by the thread flushing the pagecache as being a separate process from writing to a locked file, and thus rejected the writes. In addition, the data to be written was discarded. This update ensures that the correct PID is sent to the server, and data corruption is avoided when data is being written from a client under memory pressure. (BZ#1169304) * This update adds support for new cryptographic hardware in toleration mode for IBM System z. (BZ#1182522) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 82621
    published 2015-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82621
    title CentOS 5 : kernel (CESA-2015:0783)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0783.NASL
    description Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the 'REP MOVS' instructions. A privileged HVM guest user could potentially use this flaw to crash the host. (CVE-2014-8867, Important) Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and the Xen project for reporting CVE-2014-8867. This update also fixes the following bugs : * Under memory pressure, cached data was previously flushed to the backing server using the PID of the thread responsible for flushing the data in the Server Message Block (SMB) headers instead of the PID of the thread which actually wrote the data. As a consequence, when a file was locked by the writing thread prior to writing, the server considered writes by the thread flushing the pagecache as being a separate process from writing to a locked file, and thus rejected the writes. In addition, the data to be written was discarded. This update ensures that the correct PID is sent to the server, and data corruption is avoided when data is being written from a client under memory pressure. (BZ#1169304) * This update adds support for new cryptographic hardware in toleration mode for IBM System z. (BZ#1182522) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 82637
    published 2015-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82637
    title RHEL 5 : kernel (RHSA-2015:0783)
redhat via4
advisories
bugzilla
id 1181166
title CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhba:tst:20070331001
  • OR
    • AND
      • comment kernel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783002
      • comment kernel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314003
    • AND
      • comment kernel-PAE is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783022
      • comment kernel-PAE is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314021
    • AND
      • comment kernel-PAE-devel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783020
      • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314023
    • AND
      • comment kernel-debug is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783012
      • comment kernel-debug is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314015
    • AND
      • comment kernel-debug-devel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783014
      • comment kernel-debug-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314009
    • AND
      • comment kernel-devel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783006
      • comment kernel-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314007
    • AND
      • comment kernel-doc is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783024
      • comment kernel-doc is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314025
    • AND
      • comment kernel-headers is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783004
      • comment kernel-headers is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314005
    • AND
      • comment kernel-kdump is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783018
      • comment kernel-kdump is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314017
    • AND
      • comment kernel-kdump-devel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783016
      • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314019
    • AND
      • comment kernel-xen is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783010
      • comment kernel-xen is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314011
    • AND
      • comment kernel-xen-devel is earlier than 0:2.6.18-404.el5
        oval oval:com.redhat.rhsa:tst:20150783008
      • comment kernel-xen-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20080314013
rhsa
id RHSA-2015:0783
released 2015-04-07
severity Important
title RHSA-2015:0783: kernel security and bug fix update (Important)
rpms
  • kernel-0:2.6.18-404.el5
  • kernel-PAE-0:2.6.18-404.el5
  • kernel-PAE-devel-0:2.6.18-404.el5
  • kernel-debug-0:2.6.18-404.el5
  • kernel-debug-devel-0:2.6.18-404.el5
  • kernel-devel-0:2.6.18-404.el5
  • kernel-doc-0:2.6.18-404.el5
  • kernel-headers-0:2.6.18-404.el5
  • kernel-kdump-0:2.6.18-404.el5
  • kernel-kdump-devel-0:2.6.18-404.el5
  • kernel-xen-0:2.6.18-404.el5
  • kernel-xen-devel-0:2.6.18-404.el5
refmap via4
bid 71331
confirm
debian DSA-3140
gentoo GLSA-201504-04
secunia
  • 59949
  • 62672
suse
  • openSUSE-SU-2015:0226
  • openSUSE-SU-2015:0256
Last major update 21-12-2016 - 21:59
Published 01-12-2014 - 10:59
Last modified 30-10-2018 - 12:27
Back to Top