Scientific Linux Security Update : xen on SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

It was discovered that the hypervisor's para-virtualized framebuffer
(PVFB) backend failed to validate the frontend's framebuffer
description properly. This could allow a privileged user in the
unprivileged domain (DomU) to cause a denial of service, or, possibly,
elevate privileges to the privileged domain (Dom0). (CVE-2008-1952)
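The advisory only says that the PVFB backend "failed to validate the frontend's framebuffer description properly". What proper validation looks like, as an added example written for this page (it is not Xen's PVFB backend and not Tenable's plugin code): every field of the description (width, height, depth, line stride, offset, claimed buffer length) is guest-controlled, so each one is checked against the memory the backend has actually mapped before anything is read. The field names model the kind of description a frontend supplies; the page limit `MAX_FB_PAGES` is an assumption.

```python
"""
Added example: a backend-side validator for a guest-supplied framebuffer
description. Illustrative code for this page, not Xen's PVFB backend; the
field names model a frontend's description and MAX_FB_PAGES is an assumption.
"""
from dataclasses import dataclass

PAGE_SIZE = 4096
MAX_FB_PAGES = 2048          # assumption: most shared pages the backend will map


@dataclass(frozen=True)
class FbDescription:
    width: int         # pixels per row
    height: int        # rows
    depth: int         # bits per pixel
    line_length: int   # bytes per row (stride), chosen by the guest
    offset: int        # byte offset of the first pixel inside the buffer
    mem_length: int    # bytes of shared memory the frontend says it provides


class InvalidFramebuffer(ValueError):
    """Raised for any description the backend must refuse."""


def validate_fb(desc: FbDescription) -> int:
    """Return the number of buffer bytes the backend will touch, or raise.

    Every field is attacker-controlled, so each is checked against the buffer
    the backend actually mapped. Bounds are expressed with division and
    comparison rather than width * height * bpp, so the same logic does not
    overflow when written in C.
    """
    fb_len_max = MAX_FB_PAGES * PAGE_SIZE
    if not 0 < desc.mem_length <= fb_len_max:
        raise InvalidFramebuffer("mem_length outside the mapped range")
    if desc.depth not in (8, 16, 24, 32):
        raise InvalidFramebuffer("unsupported depth")
    bytes_per_pixel = desc.depth // 8
    if not 0 < desc.line_length <= desc.mem_length:
        raise InvalidFramebuffer("stride larger than buffer")
    if not 0 <= desc.offset < desc.mem_length:
        raise InvalidFramebuffer("offset outside buffer")
    if not 0 < desc.width <= desc.line_length // bytes_per_pixel:
        raise InvalidFramebuffer("row does not fit in stride")
    if not 0 < desc.height <= (desc.mem_length - desc.offset) // desc.line_length:
        raise InvalidFramebuffer("rows do not fit in buffer")
    # Highest byte the backend will read; by the checks above it is <= mem_length.
    return desc.offset + (desc.height - 1) * desc.line_length + desc.width * bytes_per_pixel


def accepts(desc: FbDescription) -> bool:
    """Convenience predicate: True if the backend may use this description."""
    try:
        validate_fb(desc)
        return True
    except InvalidFramebuffer:
        return False


if __name__ == "__main__":
    sane = FbDescription(800, 600, 32, 3200, 0, 800 * 600 * 4)
    # Hostile: claims an 800x600x32 surface but backs it with a single page,
    # so an unchecked backend would read far past the shared memory.
    hostile = FbDescription(800, 600, 32, 3200, 0, PAGE_SIZE)
    print(validate_fb(sane), accepts(hostile))   # 1920000 False
```

The ordering of the checks matters: stride is bounded by the buffer before it is used as a divisor, and offset is bounded before it is subtracted, so no later check operates on a value an earlier one has not already constrained.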

A flaw was found in the QEMU block-format auto-detection used when running
fully-virtualized guests from disk images held on removable media (USB
storage, 3.5" floppy disks). A privileged user of such a fully-virtualized
guest (DomU) whose disk image was raw-formatted could write to that image a
header describing another format, one whose header can name a backing file
on the host. When the host next opened the image and honoured the forged
header, the guest could read arbitrary files on the hypervisor's host (Dom0).
(CVE-2008-1945)
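The mechanism above, as an added example written for this page (illustrative code, not QEMU or Xen source): a tiny model of block-format probing in which the guest overwrites sector 0 of its raw image with a structurally valid qcow2 header whose backing-file field names a host path. With auto-detection the host opens the image as qcow2 and serves the backing file's contents to the guest as disk sectors; with the configured format pinned to raw, the forged header is ordinary guest data. The backing-file path used in the demonstration is a placeholder, not a path from the advisory, and the pinned-format defence is the one modelled here, not a description of the actual patch.

```python
"""
Added example: a minimal model of block-format auto-detection versus a pinned
format. Illustrative code for this page, not QEMU or Xen source; the
backing-file path in the demonstration is a placeholder.
"""
import struct
from typing import Optional, Tuple

QCOW_MAGIC = b"QFI\xfb"      # shared by qcow (version 1) and qcow2 (version 2)
QCOW2_HEADER_LEN = 72        # fixed part of the qcow2 header, big-endian fields
SECTOR = 512


def forge_qcow2_header(backing_file: bytes, virtual_size: int = 1 << 30) -> bytes:
    """One sector a guest could write to LBA 0 of its raw disk.

    It is a structurally valid qcow2 header whose backing-file name points
    wherever the guest likes on the host; the rest is meaningless filler.
    """
    header = struct.pack(
        ">4sIQIIQIIQQIIQ",
        QCOW_MAGIC,
        2,                   # version
        QCOW2_HEADER_LEN,    # backing_file_offset: name follows the header
        len(backing_file),   # backing_file_size
        16,                  # cluster_bits
        virtual_size,        # size
        0,                   # crypt_method
        0, 0,                # l1_size, l1_table_offset
        0, 0,                # refcount_table_offset, refcount_table_clusters
        0, 0,                # nb_snapshots, snapshots_offset
    )
    return (header + backing_file).ljust(SECTOR, b"\x00")


def probe_format(image: bytes) -> str:
    """Auto-detection as a block layer does it: magic and version decide,
    and raw is the fallback that accepts anything."""
    if len(image) >= 8 and image[:4] == QCOW_MAGIC:
        version = struct.unpack(">I", image[4:8])[0]
        if version == 1:
            return "qcow"
        if version == 2:
            return "qcow2"
    return "raw"


def backing_file_of(image: bytes) -> Optional[str]:
    """Backing-file name from a qcow/qcow2 header (offset at byte 8, size at 16)."""
    offset, size = struct.unpack(">QI", image[8:20])
    if size == 0:
        return None
    return image[offset:offset + size].decode("ascii", errors="replace")


def open_image(image: bytes, configured_format: Optional[str] = None) -> Tuple[str, Optional[str]]:
    """Vulnerable path when configured_format is None: the host trusts whatever
    the guest-writable bytes claim. Fixed path: the format from the domain
    configuration is used and the forged header is just guest data."""
    fmt = configured_format if configured_format is not None else probe_format(image)
    if fmt in ("qcow", "qcow2"):
        return fmt, backing_file_of(image)
    return fmt, None


if __name__ == "__main__":
    image = bytes(4 * SECTOR)                                    # host-created raw image
    image = forge_qcow2_header(b"/etc/shadow") + image[SECTOR:]  # guest rewrites sector 0
    print(open_image(image))          # ('qcow2', '/etc/shadow'): host file exposed
    print(open_image(image, "raw"))   # ('raw', None): pinned format, nothing to follow
```

The general lesson carries beyond this CVE: any image, container or archive whose contents a lower-privilege party can write must be opened with a format chosen by the operator, never one sniffed from the bytes.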

Additionally, the following bug is addressed in this update :

- The qcow-create command aborted whenever it was invoked, because of
glibc's bounds checking on the realpath() function.

Solution :

Update the affected xen, xen-devel and / or xen-libs packages.

Risk factor :

Medium / CVSS Base Score : 4.9

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60480

CVE ID: CVE-2008-1945, CVE-2008-1952