The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of XenServer

computer vulnerability bulletin CVE-2016-9379 CVE-2016-9380

Xen: information disclosure via Pygrub Delimiter Injection

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Pygrub Delimiter Injection of Xen, in order to obtain sensitive information.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: privileged shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9379, CVE-2016-9380, DLA-720-1, DSA-3729-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, VIGILANCE-VUL-21188, XSA-198.

Description of the vulnerability

An attacker can bypass access restrictions to data via Pygrub Delimiter Injection of Xen, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2016-9381

Xen: privilege escalation via Shared Ring

Synthesis of the vulnerability

An attacker can bypass restrictions via Shared Ring of Xen, in order to escalate his privileges.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Xen.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: privileged shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9381, DLA-720-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, FEDORA-2017-12394e2cc7, FEDORA-2017-b953d4d3a4, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, openSUSE-SU-2017:0194-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, SUSE-SU-2017:0127-1, USN-3261-1, VIGILANCE-VUL-21187, XSA-197.

Description of the vulnerability

An attacker can bypass restrictions via Shared Ring of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-9377 CVE-2016-9378

Xen: denial of service via X86 Software Interrupt

Synthesis of the vulnerability

An attacker, inside a guest system, can generate a fatal error via X86 Software Interrupt of Xen, in order to trigger a denial of service on the host system.
Impacted products: XenServer, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9377, CVE-2016-9378, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, VIGILANCE-VUL-21186, XSA-196.

Description of the vulnerability

An attacker, inside a guest system, can generate a fatal error via X86 Software Interrupt of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-9383

Xen: privilege escalation via X86 64-bit Bit Test Instruction

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via X86 64-bit Bit Test Instruction of Xen, in order to escalate his privileges on the host system.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9383, DLA-720-1, DSA-3729-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, VIGILANCE-VUL-21185, XSA-195.

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via X86 64-bit Bit Test Instruction of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-9384

Xen: information disclosure via 32-bit ELF Symbol Table

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via 32-bit ELF Symbol Table of Xen, in order to obtain sensitive information on the host system.
Impacted products: XenServer, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9384, openSUSE-SU-2016:3134-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, VIGILANCE-VUL-21184, XSA-194.

Description of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via 32-bit ELF Symbol Table of Xen, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-9385

Xen: denial of service via X86 Segment Base Write

Synthesis of the vulnerability

An attacker can generate a fatal error via X86 Segment Base Write of Xen, in order to trigger a denial of service.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: privileged shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9385, DSA-3729-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, VIGILANCE-VUL-21183, XSA-193.

Description of the vulnerability

An attacker can generate a fatal error via X86 Segment Base Write of Xen, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-9382

Xen: privilege escalation via X86 Task Switch

Synthesis of the vulnerability

An attacker can bypass restrictions via X86 Task Switch of Xen, in order to escalate his privileges.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9382, DLA-720-1, DSA-3729-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, VIGILANCE-VUL-21182, XSA-192.

Description of the vulnerability

An attacker can bypass restrictions via X86 Task Switch of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-9386

Xen: privilege escalation via X86 Null Segments

Synthesis of the vulnerability

An attacker can bypass restrictions via X86 Null Segments of Xen, in order to escalate his privileges.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 22/11/2016.
Identifiers: CERTFR-2016-AVI-387, CERTFR-2016-AVI-389, CTX218775, CVE-2016-9386, DLA-720-1, DSA-3729-1, FEDORA-2016-68b71978a1, FEDORA-2016-95c104a4c6, FEDORA-2016-999e1a6927, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, VIGILANCE-VUL-21181, XSA-191.

Description of the vulnerability

An attacker can bypass restrictions via X86 Null Segments of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-7777

Xen: information disclosure via HVM CR0.TS/EM

Synthesis of the vulnerability

An attacker can use CR0.TS/EM on Xen x86 HVM, in order to obtain sensitive information on the current system.
Impacted products: XenServer, Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 04/10/2016.
Identifiers: CERTFR-2016-AVI-328, CTX217363, CVE-2016-7777, DLA-699-1, DSA-3729-1, FEDORA-2016-4c407cd849, FEDORA-2016-689f240960, openSUSE-SU-2016:3134-1, openSUSE-SU-2017:0007-1, openSUSE-SU-2017:0008-1, SUSE-SU-2016:3044-1, SUSE-SU-2016:3067-1, SUSE-SU-2016:3083-1, SUSE-SU-2016:3156-1, SUSE-SU-2016:3174-1, SUSE-SU-2016:3273-1, VIGILANCE-VUL-20762, XSA-190.

Description of the vulnerability

The Xen product can manage x86 HVM guest systems.

However, an attacker can raise a Device Not Available Exception while CR0.EM or CR0.TS are set, which can be used to read a register of another task on the same VM.

An attacker can therefore use CR0.TS/EM on Xen x86 HVM, in order to obtain sensitive information on the current system.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-7154

Xen: use after free via FIFO

Synthesis of the vulnerability

An attacker, inside a guest system, can force the usage of a freed memory area via FIFO of Xen, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: XenServer, Debian, openSUSE, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on service.
Provenance: privileged shell.
Creation date: 08/09/2016.
Identifiers: CERTFR-2016-AVI-301, CERTFR-2016-AVI-303, CTX216071, CVE-2016-7154, DSA-3663-1, openSUSE-SU-2016:2497-1, SUSE-SU-2016:2507-1, SUSE-SU-2016:2533-1, VIGILANCE-VUL-20552, XSA-188.

Description of the vulnerability

An attacker, inside a guest system, can force the usage of a freed memory area via FIFO of Xen, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about XenServer: