libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167077.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html
http://www.debian.org/security/2015/dsa-3414
http://www.securityfocus.com/bid/76823
http://www.securitytracker.com/id/1033633
http://xenbits.xen.org/xsa/advisory-142.html
cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.1:-:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.4.1:-:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
90380 | GLSA-201604-03 : Xen: Multiple vulnerabilities (Venom) | Nessus | Gentoo Local Security Checks | high |
88124 | openSUSE Security Update : xen (openSUSE-2016-34) | Nessus | SuSE Local Security Checks | high |
87650 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2338-1) | Nessus | SuSE Local Security Checks | high |
87591 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2328-1) | Nessus | SuSE Local Security Checks | high |
87590 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2326-1) | Nessus | SuSE Local Security Checks | high |
87588 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2324-1) | Nessus | SuSE Local Security Checks | high |
87443 | openSUSE Security Update : xen (openSUSE-2015-893) | Nessus | SuSE Local Security Checks | high |
87393 | openSUSE Security Update : xen (openSUSE-2015-892) | Nessus | SuSE Local Security Checks | high |
87288 | Debian DSA-3414-1 : xen - security update | Nessus | Debian Local Security Checks | medium |
86909 | openSUSE Security Update : xen (openSUSE-2015-750) | Nessus | SuSE Local Security Checks | high |
86863 | openSUSE Security Update : xen (openSUSE-2015-729) | Nessus | SuSE Local Security Checks | high |
86835 | FreeBSD : xen-tools -- libxl fails to honour readonly flag on disks with qemu-xen (301b04d7-881c-11e5-ab94-002590263bf5) | Nessus | FreeBSD Local Security Checks | low |
86756 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1908-1) | Nessus | SuSE Local Security Checks | high |
86753 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1894-1) | Nessus | SuSE Local Security Checks | high |
86704 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1853-1) | Nessus | SuSE Local Security Checks | high |
86163 | Fedora 21 : xen-4.4.3-3.fc21 (2015-15946) | Nessus | Fedora Local Security Checks | high |
86162 | Fedora 22 : xen-4.5.1-8.fc22 (2015-15944) | Nessus | Fedora Local Security Checks | high |
86055 | Fedora 23 : xen-4.5.1-8.fc23 (2015-15943) | Nessus | Fedora Local Security Checks | low |