Scientific Linux Security Update : xen on SL5.x i386/x86

NASLDB: Scientific Linux Security Update : xen on SL5.x i386/x86_64

General

ID: 61408
Name: Scientific Linux Security Update : xen on SL5.x i386/x86_64

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Scientific Linux Local Security Checks
Type: Local

Description

The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Scientific Linux.

A flaw was found in the way the pyGrub boot loader handled compressed
kernel images. A privileged guest user in a para-virtualized guest (a
DomU) could use this flaw to create a crafted kernel image that, when
attempting to boot it, could result in an out-of-memory condition in
the privileged domain (the Dom0). (CVE-2012-2625)

All users of xen are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After
installing the updated packages, the xend service must be restarted
for this update to take effect.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2012-2625
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2012/07/31
Plugin Release: 2012/08/03

Plugin

Version: 1.1
Filename: sl_20120731_xen_on_SL5_x.nasl
Filesize: 3479 bytes
MD5 Hash: e05a3c147ed03c9f1c3545697e76d602

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG