Synopsis: Important: xen security update Advisory ID: SLSA-2016:2963-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-9637 -- Security Fix(es): * An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637) -- SL5 x86_64 xen-debuginfo-3.0.3-148.el5_11.i386.rpm xen-debuginfo-3.0.3-148.el5_11.x86_64.rpm xen-libs-3.0.3-148.el5_11.i386.rpm xen-libs-3.0.3-148.el5_11.x86_64.rpm xen-3.0.3-148.el5_11.x86_64.rpm xen-devel-3.0.3-148.el5_11.i386.rpm xen-devel-3.0.3-148.el5_11.x86_64.rpm i386 xen-debuginfo-3.0.3-148.el5_11.i386.rpm xen-libs-3.0.3-148.el5_11.i386.rpm xen-3.0.3-148.el5_11.i386.rpm xen-devel-3.0.3-148.el5_11.i386.rpm - Scientific Linux Development Team