SUSE: 2015:1045-1 Important: Xen Security Fixes and Updates

suse

June 11, 2015

An update that fixes 7 vulnerabilities is now available

Summary

Xen was updated to fix seven security vulnerabilities: * CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. (XSA-128, bnc#931625) * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. (XSA-129, bnc#931626) * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages. (XSA-130, bnc#931627) * CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131, bnc#931628) * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior. (XSA-134, bnc#932790) * CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest to host escape. (XSA-135, bnc#932770) * CVE-2015-4164: DoS through iret hypercall handler. (XSA-136, bnc#932996) Security Issues: * CVE-2015-4103

Topics Covered

security advisory software update important SUSE security issues system reboot Xen

References

#931625 #931626 #931627 #931628 #932770 #932790

#932996

Cross- CVE-2015-3209 CVE-2015-4103 CVE-2015-4104

CVE-2015-4105 CVE-2015-4106 CVE-2015-4163

CVE-2015-4164

Affected Products:

SUSE Linux Enterprise Software Development Kit 11 SP3

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Desktop 11 SP3

https://www.suse.com/security/cve/CVE-2015-3209.html

https://www.suse.com/security/cve/CVE-2015-4103.html

https://www.suse.com/security/cve/CVE-2015-4104.html

https://www.suse.com/security/cve/CVE-2015-4105.html

https://www.suse.com/security/cve/CVE-2015-4106.html

https://www.suse.com/security/cve/CVE-2015-4163.html

https://www.suse.com/security/cve/CVE-2015-4164.html

https://bugzilla.suse.com/show_bug.cgi?id=931625

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1045-1

Rating: important

Topics Covered

security advisory software update important SUSE security issues system reboot Xen

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1045-1 Important: Xen Security Fixes and Updates

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1045-1 Important: Xen Security Fixes and Updates

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!