Описание
ELSA-2008-0892: xen security and bug fix update (IMPORTANT)
[3.0.3-64.el5_2.3]
- Fix overflow in qemu-img (rhbz #454651)
[3.0.3-64.el5_2.2]
- Correctly limit PVFB size CVE-2008-1952 (rhbz #447760)
- Disable QEMU USB disk image format auto-detection CVE-2008-1945 (rhbz #445845)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
xen
3.0.3-64.el5_2.3
xen-devel
3.0.3-64.el5_2.3
xen-libs
3.0.3-64.el5_2.3
Oracle Linux i386
xen
3.0.3-64.el5_2.3
xen-devel
3.0.3-64.el5_2.3
xen-libs
3.0.3-64.el5_2.3
Связанные CVE
Связанные уязвимости
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in ...
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.