Executive Summary
Summary | |
---|---|
Title | xen security update |
Information | |||
---|---|---|---|
Name | RHSA-2011:0496 | First vendor Publication | 2011-05-09 |
Vendor | RedHat | Last vendor Modification | 2011-05-09 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 3.4 | Authentication | None Required |
Detail
Problem Description:

Updated xen packages that fix several security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Multi OS (v. 5 client) - i386, x86_64
RHEL Virtualization (v. 5 server) - i386, ia64, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode() decode routines did not correctly check for a possible buffer size overflow in the decoding loop. As well, several integer overflow flaws and missing error/range checking were found that could lead to an infinite loop. A privileged guest user could use these flaws to crash the guest or, possibly, execute arbitrary code in the privileged management domain (Dom0). (CVE-2011-1583)

All xen users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

696927 - CVE-2011-1583 xen: insufficiencies in pv kernel image validation
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0496.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21927 | |||
Oval ID: | oval:org.mitre.oval:def:21927 | ||
Title: | RHSA-2011:0496: xen security update (Important) | ||
Description: | Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0496-01 CESA-2011:0496 CVE-2011-1583 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xen |
Definition Id: oval:org.mitre.oval:def:23074 | |||
Oval ID: | oval:org.mitre.oval:def:23074 | ||
Title: | ELSA-2011:0496: xen security update (Important) | ||
Description: | Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0496-01 CVE-2011-1583 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for xen CESA-2011:0496 centos5 x86_64 File : nvt/gb_CESA-2011_0496_xen_centos5_x86_64.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9430 File : nvt/gb_fedora_2012_9430_xen_fc15.nasl |
2012-02-21 | Name : Fedora Update for xen FEDORA-2012-1539 File : nvt/gb_fedora_2012_1539_xen_fc15.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2337-1 (xen) File : nvt/deb_2337_1.nasl |
2011-09-07 | Name : Fedora Update for xen FEDORA-2011-10942 File : nvt/gb_fedora_2011_10942_xen_fc15.nasl |
2011-08-09 | Name : CentOS Update for xen CESA-2011:0496 centos5 i386 File : nvt/gb_CESA-2011_0496_xen_centos5_i386.nasl |
2011-07-12 | Name : Fedora Update for xen FEDORA-2011-8421 File : nvt/gb_fedora_2011_8421_xen_fc15.nasl |
2011-07-08 | Name : Fedora Update for xen FEDORA-2011-8403 File : nvt/gb_fedora_2011_8403_xen_fc14.nasl |
2011-06-06 | Name : Fedora Update for xen FEDORA-2011-7421 File : nvt/gb_fedora_2011_7421_xen_fc13.nasl |
2011-06-03 | Name : Fedora Update for xen FEDORA-2011-6914 File : nvt/gb_fedora_2011_6914_xen_fc14.nasl |
2011-05-17 | Name : RedHat Update for xen RHSA-2011:0496-01 File : nvt/gb_RHSA-2011_0496-01_xen.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73739 | Xen Paravirtualised Guests Decompression Local Overflow Information Disclosure |
73738 | Xen Paravirtualised Guests Decompression Local Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_xen-201105-110510.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_xen-201105-110510.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0496.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110509_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-11-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2337.nasl - Type : ACT_GATHER_INFO |
2011-06-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7421.nasl - Type : ACT_GATHER_INFO |
2011-06-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201105-110505.nasl - Type : ACT_GATHER_INFO |
2011-05-25 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6914.nasl - Type : ACT_GATHER_INFO |
2011-05-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6859.nasl - Type : ACT_GATHER_INFO |
2011-05-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0496.nasl - Type : ACT_GATHER_INFO |
2011-05-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0496.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:54:40 |