OVMSA-2015-0031 - xen security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2015-03-10 |
Description
[4.3.0-55.el6.22.12]
- x86emul: fully ignore segment override for register-only operations
For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.
This is CVE-2015-2151 / XSA-123.
Signed-off-by: Jan Beulich
Reviewed-by: Tim Deegan
Reviewed-by: Keir Fraser
Acked-by: Chuck Anderson
Reviewed-by: John Haxby [bug 20659547] {CVE-2015-2151}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | xen-4.3.0-55.el6.22.12.src.rpm | b68380f319252cf906459cbdd6c246e2 | OVMSA-2021-0014 |
| xen-4.3.0-55.el6.22.12.x86_64.rpm | 3089b90b6ae5d128201f7fd70f057ce0 | OVMSA-2021-0014 |
| xen-tools-4.3.0-55.el6.22.12.x86_64.rpm | 189031f9dea7e7a611a29bd37b7d6626 | OVMSA-2021-0014 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
