Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-1401

Опубликовано: 24 окт. 2011
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2011-1401: xen security and bug fix update (MODERATE)

[3.0.3-132.el5_7.2]

  • Release device backends before restarting guest on the destination machine (rhbz 743850)
  • Fix SCSI buffer overflow and disable SCSI CD-ROMs (rhbz 736289)

[3.0.3-132.el5_7.1]

  • hotplug: set netback/tap MTU to the same value as the bridge MTU (rhbz 738608)
  • copy the MTU of the physical interface to the Xen bridge (rhbz 738610)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

xen

3.0.3-132.el5_7.2

xen-devel

3.0.3-132.el5_7.2

xen-libs

3.0.3-132.el5_7.2

Oracle Linux x86_64

xen

3.0.3-132.el5_7.2

xen-devel

3.0.3-132.el5_7.2

xen-libs

3.0.3-132.el5_7.2

Oracle Linux i386

xen

3.0.3-132.el5_7.2

xen-devel

3.0.3-132.el5_7.2

xen-libs

3.0.3-132.el5_7.2

Связанные CVE

CVE-2011-3346

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2011-3346

ubuntu
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

redhat логотип

CVE-2011-3346

redhat
почти 14 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

nvd логотип

CVE-2011-3346

nvd
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

debian логотип

CVE-2011-3346

debian
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before ...

github логотип

GHSA-q6jm-gv84-4cp6

github
около 3 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.