OracleVM 3.3 : xen (OVMSA-2015-0031)
High Nessus Plugin ID 81767
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- x86emul: fully ignore segment override for register-only operations For ModRM encoded instructions with register operands we must not overwrite ea.mem.seg (if a - bogus in that case - segment override was present) as it aliases with ea.reg. This is CVE-2015-2151 / XSA-123.
SolutionUpdate the affected xen / xen-tools packages.