openSUSE 10 Security Update : xen (xen-4764)
Medium Nessus Plugin ID 29891
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update fixes various Xen issues.
Two security problems were fixed: CVE-2007-5906: Xen allowed virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
CVE-2007-5907: Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
Also the following bugs were fixed: 279062: Timer ISR/1: Time went backwards 340379: Xen-3.04_13138-0.52 not working with FV File-Backed VMs
SolutionUpdate the affected xen packages.