SUSE: 2012:1606-1 Critical Update for Xen Memory Vulnerabilities
suse
December 4, 2012
An update that fixes two vulnerabilities is now available
Summary
This update fixes the following security issues in xen:
* CVE-2012-5513: XENMEM_exchange may overwrite
hypervisor memory (XSA-29)
* CVE-2012-5515: Several memory hypercall operations
allow invalid extent order values (XSA-31)
Also the following bugs have been fixed and upstream
patches have been applied:
26134-x86-shadow-invlpg-check.patch
Security Issue references:
* CVE-2012-5513
Topics Covered
References
#789950 #789951
Cross- CVE-2012-5513 CVE-2012-5515
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
https://www.suse.com/security/cve/CVE-2012-5513.html
https://www.suse.com/security/cve/CVE-2012-5515.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2012:1606-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!