openSUSE 10 Security Update : xen (xen-4901)
Medium Nessus Plugin ID 29963
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update fixes Xen security issues.
Two security problems were fixed: CVE-2007-5906: Xen allowed virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
CVE-2007-5907: Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
SolutionUpdate the affected xen packages.