OracleVM 3.3 : xen (OVMSA-2015-0026)
Low Nessus Plugin ID 81694
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- pre-fill structures for certain HYPERVISOR_xen_version sub-ops ... avoiding to pass hypervisor stack contents back to the caller through space unused by the respective strings. This is XSA-122. (CVE-2015-2045)
- x86/HVM: return all ones on wrong-sized reads of system device I/O ports So far the value presented to the guest remained uninitialized. This is XSA-121. (CVE-2015-2044)
SolutionUpdate the affected xen / xen-tools packages.