Vulnerabilities > CVE-2012-0218 - Unspecified vulnerability in XEN 3.4.0/4.0.0/4.1.0
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering an exception that would normally be handled within Xen.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2501.NASL description Several vulnerabilities were discovered in Xen, a hypervisor. - CVE-2012-0217 Xen does not properly handle uncanonical return addresses on Intel amd64 CPUs, allowing amd64 PV guests to elevate to hypervisor privileges. AMD processors, HVM and i386 guests are not affected. - CVE-2012-0218 Xen does not properly handle SYSCALL and SYSENTER instructions in PV guests, allowing unprivileged users inside a guest system to crash the guest system. - CVE-2012-2934 Xen does not detect old AMD CPUs affected by AMD Erratum #121. For CVE-2012-2934, Xen refuses to start domUs on affected systems unless the last seen 2020-03-17 modified 2012-06-29 plugin id 59779 published 2012-06-29 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59779 title Debian DSA-2501-1 : xen - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2501. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(59779); script_version("1.15"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-0217", "CVE-2012-0218", "CVE-2012-2934"); script_bugtraq_id(53856, 53955, 53961); script_xref(name:"DSA", value:"2501"); script_name(english:"Debian DSA-2501-1 : xen - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities were discovered in Xen, a hypervisor. - CVE-2012-0217 Xen does not properly handle uncanonical return addresses on Intel amd64 CPUs, allowing amd64 PV guests to elevate to hypervisor privileges. AMD processors, HVM and i386 guests are not affected. - CVE-2012-0218 Xen does not properly handle SYSCALL and SYSENTER instructions in PV guests, allowing unprivileged users inside a guest system to crash the guest system. - CVE-2012-2934 Xen does not detect old AMD CPUs affected by AMD Erratum #121. For CVE-2012-2934, Xen refuses to start domUs on affected systems unless the 'allow_unsafe' option is passed." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-0217" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-0218" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-2934" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2012-2934" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/xen" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2012/dsa-2501" ); script_set_attribute( attribute:"solution", value: "Upgrade the xen packages. For the stable distribution (squeeze), these problems have been fixed in version 4.0.1-5.2." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'FreeBSD Intel SYSRET Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xen"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/06/12"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/29"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"libxen-dev", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"libxenstore3.0", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"xen-docs-4.0", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"xen-hypervisor-4.0-amd64", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"xen-hypervisor-4.0-i386", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"xen-utils-4.0", reference:"4.0.1-5.2")) flag++; if (deb_check(release:"6.0", prefix:"xenstore-utils", reference:"4.0.1-5.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201309-24.NASL description The remote host is affected by the vulnerability described in GLSA-201309-24 (Xen: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact : Guest domains could possibly gain privileges, execute arbitrary code, or cause a Denial of Service on the host domain (Dom0). Additionally, guest domains could gain information about other virtual machines running on the same host or read arbitrary files on the host. Workaround : The CVEs listed below do not currently have fixes, but only apply to Xen setups which have “tmem” specified on the hypervisor command line. TMEM is not currently supported for use in production systems, and administrators using tmem should disable it. Relevant CVEs: * CVE-2012-2497 * CVE-2012-6030 * CVE-2012-6031 * CVE-2012-6032 * CVE-2012-6033 * CVE-2012-6034 * CVE-2012-6035 * CVE-2012-6036 last seen 2020-06-01 modified 2020-06-02 plugin id 70184 published 2013-09-28 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70184 title GLSA-201309-24 : Xen: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201309-24. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(70184); script_version("1.15"); script_cvs_date("Date: 2019/08/12 17:35:38"); script_cve_id("CVE-2011-2901", "CVE-2011-3262", "CVE-2012-0217", "CVE-2012-0218", "CVE-2012-2934", "CVE-2012-3432", "CVE-2012-3433", "CVE-2012-3494", "CVE-2012-3495", "CVE-2012-3496", "CVE-2012-3497", "CVE-2012-3498", "CVE-2012-3515", "CVE-2012-4411", "CVE-2012-4535", "CVE-2012-4536", "CVE-2012-4537", "CVE-2012-4538", "CVE-2012-4539", "CVE-2012-5510", "CVE-2012-5511", "CVE-2012-5512", "CVE-2012-5513", "CVE-2012-5514", "CVE-2012-5515", "CVE-2012-5525", "CVE-2012-5634", "CVE-2012-6030", "CVE-2012-6031", "CVE-2012-6032", "CVE-2012-6033", "CVE-2012-6034", "CVE-2012-6035", "CVE-2012-6036", "CVE-2012-6075", "CVE-2012-6333", "CVE-2013-0151", "CVE-2013-0152", "CVE-2013-0153", "CVE-2013-0154", "CVE-2013-0215", "CVE-2013-1432", "CVE-2013-1917", "CVE-2013-1918", "CVE-2013-1919", "CVE-2013-1920", "CVE-2013-1922", "CVE-2013-1952", "CVE-2013-1964", "CVE-2013-2076", "CVE-2013-2077", "CVE-2013-2078", "CVE-2013-2194", "CVE-2013-2195", "CVE-2013-2196", "CVE-2013-2211"); script_bugtraq_id(49370, 53856, 53955, 53961, 54691, 54942, 55400, 55406, 55410, 55412, 55413, 55414, 55442, 56498, 56794, 56796, 56797, 56798, 56799, 56803, 56805, 57159, 57223, 57420, 57494, 57495, 57742, 57745, 58880, 59070, 59291, 59292, 59293, 59615, 59617, 60277, 60278, 60282, 60701, 60702, 60703, 60721, 60799); script_xref(name:"GLSA", value:"201309-24"); script_name(english:"GLSA-201309-24 : Xen: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201309-24 (Xen: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact : Guest domains could possibly gain privileges, execute arbitrary code, or cause a Denial of Service on the host domain (Dom0). Additionally, guest domains could gain information about other virtual machines running on the same host or read arbitrary files on the host. Workaround : The CVEs listed below do not currently have fixes, but only apply to Xen setups which have “tmem” specified on the hypervisor command line. TMEM is not currently supported for use in production systems, and administrators using tmem should disable it. Relevant CVEs: * CVE-2012-2497 * CVE-2012-6030 * CVE-2012-6031 * CVE-2012-6032 * CVE-2012-6033 * CVE-2012-6034 * CVE-2012-6035 * CVE-2012-6036" ); script_set_attribute( attribute:"see_also", value:"https://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201309-24" ); script_set_attribute( attribute:"solution", value: "All Xen users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/xen-4.2.2-r1' All Xen-tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/xen-tools-4.2.2-r3' All Xen-pvgrub users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/xen-pvgrub-4.2.2-r1'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'FreeBSD Intel SYSRET Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xen-pvgrub"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xen-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/19"); script_set_attribute(attribute:"patch_publication_date", value:"2013/09/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-emulation/xen-pvgrub", unaffected:make_list("ge 4.2.2-r1"), vulnerable:make_list("lt 4.2.2-r1"))) flag++; if (qpkg_check(package:"app-emulation/xen", unaffected:make_list("ge 4.2.2-r1"), vulnerable:make_list("lt 4.2.2-r1"))) flag++; if (qpkg_check(package:"app-emulation/xen-tools", unaffected:make_list("ge 4.2.2-r3"), vulnerable:make_list("lt 4.2.2-r3"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Xen"); }NASL family Fedora Local Security Checks NASL id FEDORA_2012-9430.NASL description make pygrub cope better with big files from guest (#818412 CVE-2012-2625), 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217], guest denial of service on syscall/sysenter exception generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-06-26 plugin id 59696 published 2012-06-26 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59696 title Fedora 15 : xen-4.1.2-8.fc15 (2012-9430) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2012-9430. # include("compat.inc"); if (description) { script_id(59696); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_xref(name:"FEDORA", value:"2012-9430"); script_name(english:"Fedora 15 : xen-4.1.2-8.fc15 (2012-9430)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "make pygrub cope better with big files from guest (#818412 CVE-2012-2625), 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217], guest denial of service on syscall/sysenter exception generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082752.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ebc2ae1d" ); script_set_attribute(attribute:"solution", value:"Update the affected xen package."); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xen"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:15"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^15([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 15.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC15", reference:"xen-4.1.2-8.fc15")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen"); }NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2012-0022.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2012-0217 CVE-2012-0218: guest DoS on syscall/sysenter exception generation [orabug 13993157] last seen 2020-06-01 modified 2020-06-02 plugin id 79478 published 2014-11-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79478 title OracleVM 2.2 : xen (OVMSA-2012-0022) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2012-0021.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - x86-64: detect processors subject to AMD erratum #121 and refuse to boot(CVE-2006-0744) - guest denial of service on syscall/sysenter exception generation (CVE-2012-0217),(CVE-2012-0218) - Remove unnecessary balloon retries on vm create. This is a backport from fix for bug 14143327. last seen 2020-06-01 modified 2020-06-02 plugin id 79477 published 2014-11-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79477 title OracleVM 3.1 : xen (OVMSA-2012-0021) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-404.NASL description This update of XEN fixed multiple security flaws that could be exploited by local attackers to cause a Denial of Service or potentially escalate privileges. Additionally, several other upstream changes were backported. last seen 2020-06-05 modified 2014-06-13 plugin id 74683 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74683 title openSUSE Security Update : xen (openSUSE-2012-404) NASL family Fedora Local Security Checks NASL id FEDORA_2012-9399.NASL description make pygrub cope better with big files from guest (#818412 CVE-2012-2625), 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217], guest denial of service on syscall/sysenter exception generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-06-26 plugin id 59693 published 2012-06-26 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59693 title Fedora 16 : xen-4.1.2-8.fc16 (2012-9399) NASL family SuSE Local Security Checks NASL id SUSE_11_XEN-201206-120606.NASL description Three security issues were found in XEN. Two security issues are fixed by this update : - Due to incorrect fault handling in the XEN hypervisor it was possible for a XEN guest domain administrator to execute code in the XEN host environment. (CVE-2012-0217) - Also a guest user could crash the guest XEN kernel due to a protection fault bounce. The third fix is changing the Xen behaviour on certain hardware:. (CVE-2012-0218) - The issue is a denial of service issue on older pre-SVM AMD CPUs (AMD Erratum 121). AMD Erratum #121 is described in last seen 2020-06-05 modified 2013-01-25 plugin id 64233 published 2013-01-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64233 title SuSE 11.1 Security Update : Xen (SAT Patch Number 6399) NASL family Fedora Local Security Checks NASL id FEDORA_2012-9386.NASL description 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217], guest denial of service on syscall/sysenter exception generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934] Enable xenconsoled by default under systemd, adjust xend.service systemd file to avoid selinux problems Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-06-26 plugin id 59692 published 2012-06-26 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59692 title Fedora 17 : xen-4.1.2-20.fc17 (2012-9386) NASL family SuSE Local Security Checks NASL id SUSE_XEN-201206-8180.NASL description Three security issues were found in XEN. Two security issues are fixed by this update : - Due to incorrect fault handling in the XEN hypervisor it was possible for a XEN guest domain administrator to execute code in the XEN host environment. (CVE-2012-0217) - Also a guest user could crash the guest XEN kernel due to a protection fault bounce. (CVE-2012-0218) The third fix is changing the Xen behaviour on certain hardware : - The issue is a denial of service issue on older pre-SVM AMD CPUs (AMD Erratum 121). (CVE-2012-2934) AMD Erratum #121 is described in last seen 2020-06-05 modified 2012-06-13 plugin id 59469 published 2012-06-13 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59469 title SuSE 10 Security Update : Xen (ZYPP Patch Number 8180) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-403.NASL description This update of XEN fixed multiple security flaws that could be exploited by local attackers to cause a Denial of Service or potentially escalate privileges. Additionally, several other upstream changes were backported. last seen 2020-06-05 modified 2014-06-13 plugin id 74682 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74682 title openSUSE Security Update : xen (openSUSE-SU-2012:0886-1)