This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Xen was found to allow unprivileged DomU domains to overwrite xenstore
values which should only be changeable by the privileged Dom0 domain.
An attacker controlling a DomU domain could, potentially, use this
flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into
accessing the text console of a different domain running on the same
host. This update makes certain parts of the xenstore tree read-only
to the unprivileged DomU domains. (CVE-2008-4405)
It was discovered that the qemu-dm.debug script created a temporary
file in /tmp in an insecure way. A local attacker in Dom0 could,
potentially, use this flaw to overwrite arbitrary files via a symlink
attack. Note: This script is not needed in production deployments and
therefore was removed and is not shipped with updated xen packages.
This update also fixes the following bug :
- xen calculates its running time by adding the
hypervisor's up-time to the hypervisor's boot-time
record. In live migrations of para-virtualized guests,
however, the guest would over-write the new hypervisor's
boot-time record with the boot-time of the previous
hypervisor. This caused time-dependent processes on the
guests to fail (for example, crond would fail to start
cron jobs). With this update, the new hypervisor's
boot-time record is no longer over-written during live
The Xen host must be restarted for the update to take effect.
See also :
Update the affected xen, xen-devel and / or xen-libs packages.
Risk factor :
High / CVSS Base Score : 7.2