Synopsis: Important: xen security update
Advisory ID: SLSA-2016:2963-1
Issue Date: 2016-12-20
CVE Numbers: CVE-2016-9637
—
Security Fix(es):
* An out of bounds array access issue was found in the Xen virtual machine
monitor, built with the QEMU ioport support. It could occur while doing
ioport read/write operations, if guest was to supply a 32bit address
parameter. A privileged guest user/process could use this flaw to
potentially escalate their privileges on a host. (CVE-2016-9637)
—
SL5
x86_64
xen-debuginfo-3.0.3-148.el5_11.i386.rpm
xen-debuginfo-3.0.3-148.el5_11.x86_64.rpm
xen-libs-3.0.3-148.el5_11.i386.rpm
xen-libs-3.0.3-148.el5_11.x86_64.rpm
xen-3.0.3-148.el5_11.x86_64.rpm
xen-devel-3.0.3-148.el5_11.i386.rpm
xen-devel-3.0.3-148.el5_11.x86_64.rpm
i386
xen-debuginfo-3.0.3-148.el5_11.i386.rpm
xen-libs-3.0.3-148.el5_11.i386.rpm
xen-3.0.3-148.el5_11.i386.rpm
xen-devel-3.0.3-148.el5_11.i386.rpm
– Scientific Linux Development Team
