Explore top 10 tips to secure your open-source projects now. Read More
×
Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security
bugs.
The following vulnerabilities were fixed:
* CVE-2015-4103: Potential unintended writes to host MSI message data
field via qemu (XSA-128) (boo#931625)
* CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests
(XSA-129) (boo#931626)
* CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages
(XSA-130) (boo#931627)
* CVE-2015-4106: Unmediated PCI register access in qemu (XSA-131)
(boo#931628)
* CVE-2015-4164: DoS through iret hypercall handler (XSA-136) (boo#932996)
* CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior (XSA-134)
(boo#932790)
* CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to
host escape (XSA-135) (boo#932770)
* CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation,
which could be used to denial of service attacks or potential code
execution against...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-434=1
To bring your system up-to-date, use "zypper patch".
- openSUSE 13.2 (i586 x86_64):
xen-debugsource-4.4.2_06-23.1
xen-devel-4.4.2_06-23.1
xen-libs-4.4.2_06-23.1
xen-libs-debuginfo-4.4.2_06-23.1
xen-tools-domU-4.4.2_06-23.1
xen-tools-domU-debuginfo-4.4.2_06-23.1
- openSUSE 13.2 (x86_64):
xen-4.4.2_06-23.1
xen-doc-html-4.4.2_06-23.1
xen-kmp-default-4.4.2_06_k3.16.7_21-23.1
xen-kmp-default-debuginfo-4.4.2_06_k3.16.7_21-23.1
xen-kmp-desktop-4.4.2_06_k3.16.7_21-23.1
xen-kmp-desktop-debuginfo-4.4.2_06_k3.16.7_21-23.1
xen-libs-32bit-4.4.2_06-23.1
xen-libs-debuginfo-32bit-4.4.2_06-23.1
xen-tools-4.4.2_06-23.1
xen-tools-debuginfo-4.4.2_06-23.1
https://www.suse.com/security/cve/CVE-2014-3615.html
https://www.suse.com/security/cve/CVE-2015-2044.html
https://www.suse.com/security/cve/CVE-2015-2045.html
https://www.suse.com/security/cve/CVE-2015-2151.html
https://www.suse.com/security/cve/CVE-2015-2152.html
https://www.suse.com/security/cve/CVE-2015-2751.html
https://www.suse.com/security/cve/CVE-2015-2752.html
https://www.suse.com/security/cve/CVE-2015-2756.html
https://www.suse.com/security/cve/CVE-2015-3209.html
https://www.suse.com/security/cve/CVE-2015-3340.html
https://www.suse.com/security/cve/CVE-2015-3456.html
https://www.suse.com/security/cve/CVE-2015-4103.html
https://www.suse.com/security/cve/CVE-2015-4104.html
https://www.suse.com/security/cve/CVE-2015-4105.html
https://www.suse.com/security/cve/CVE-2015-4106.html
https://www.suse.com/security/cve/CVE-2015-4163.html
https://www.suse.com/security/cve/CVE-2015-4164.html
https://bugzilla.suse.com/861318
https://bugzilla.suse.com/882089
https://bugzilla.suse.com/895528
https://bugzilla.sus...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.