SUSE 11 SP3: 2013:1314-2 Critical: Xen Memory Corruption Vulnerabilities
suse
August 9, 2013
An update that solves three vulnerabilities and has 6 fixes An update that solves three vulnerabilities and has 6 fixes An update that solves three vulnerabilities and has 6 fixes ...
Summary
The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues: The following security issues have been addressed: * CVE-2013-2194: Various integer overflows in the ELF loader were fixed. (XSA-55) * CVE-2013-2195: Various pointer dereferences issues in the ELF loader were fixed. (XSA-55) * CVE-2013-2196: Various other problems in the ELF loader were fixed. (XSA-55) * CVE-2013-2078: A Hypervisor crash due to missing exception recovery on XSETBV was fixed. (XSA-54) * CVE-2013-2077: A Hypervisor crash due to missing exception recovery on XRSTOR was fixed. (XSA-53) * CVE-2013-2211: libxl allowed guest write access to sensitive console related xenstore keys. (XSA-57) * CVE-2013-2076: An information leak on XSAVE/XRSTOR capable AMD CPUs (XSA-52) was fixed, where parts of this
References
#801663 #808085 #808269 #817210 #820917 #820919
#820920 #823011 #823608
Cross- CVE-2013-2194 CVE-2013-2195 CVE-2013-2196
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
https://www.suse.com/security/cve/CVE-2013-2194.html
https://www.suse.com/security/cve/CVE-2013-2195.html
https://www.suse.com/security/cve/CVE-2013-2196.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2013:1314-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!