First published: Tue Oct 02 2007(Updated: )
The Xen package contains the tools for managing the virtual machine monitor<br>in Red Hat Enterprise Linux virtualization.<br>The following security flaws are fixed in the updated Xen package:<br>Joris van Rantwijk found a flaw in the Pygrub utility which is used as a<br>boot loader for guest domains. A malicious local administrator of a guest<br>domain could create a carefully crafted grub.conf file which would trigger<br>the execution of arbitrary code outside of that domain. (CVE-2007-4993)<br>Tavis Ormandy discovered a heap overflow flaw during video-to-video copy<br>operations in the Cirrus VGA extension code used in Xen. A malicious local<br>administrator of a guest domain could potentially trigger this flaw and<br>execute arbitrary code outside of the domain. (CVE-2007-1320)<br>Tavis Ormandy discovered insufficient input validation leading to a heap<br>overflow in the Xen NE2000 network driver. If the driver is in use, a<br>malicious local administrator of a guest domain could potentially trigger<br>this flaw and execute arbitrary code outside of the domain. Xen does not<br>use this driver by default. (CVE-2007-1321)<br>Users of Xen should update to these erratum packages containing backported<br>patches which correct these issues.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/xen | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
redhat/xen | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
redhat/xen-devel | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
redhat/xen-devel | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
redhat/xen-libs | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
redhat/xen-libs | <3.0.3-25.0.4.el5 | 3.0.3-25.0.4.el5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.