Oval Definition: oval:com.redhat.rhsa:def:20162963
Revision Date: 2016-12-20
Version: 635
Title: RHSA-2016:2963: xen security update (Important)
Description: Xen is a virtual machine monitor

Security Fix(es):

  • An out-of-bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations if a guest were to supply a 32-bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)

    Red Hat would like to thank the Xen project for reporting this issue.

Family: unix
Class: patch
Status:
Reference(s):
    CVE-2016-9637
    RHSA-2016:2963
    RHSA-2016:2963-00
    RHSA-2016:2963-01
Platform(s): Red Hat Enterprise Linux 5
Product(s):

Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • xen is earlier than 0:3.0.3-148.el5_11
  • AND xen is signed with Red Hat redhatrelease2 key
  • xen-devel is earlier than 0:3.0.3-148.el5_11
  • AND xen-devel is signed with Red Hat redhatrelease2 key
  • xen-libs is earlier than 0:3.0.3-148.el5_11
  • AND xen-libs is signed with Red Hat redhatrelease2 key