Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE Linux 11-SP2: SUSE-SU-2015:1952-1 Important Denial Of Service

suse
Calendar Grey November 10, 2015
Dist Suse Esm H88
Resolves 7 vulnerabilities associated with SUSE security patch SUSE-SU-2015:1952-1, posing critical threats concerning xen.
An update that solves 7 vulnerabilities and has one errata An update that solves 7 vulnerabilities and has one errata An update that solves 7 vulnerabilities and has one errata is ...

Summary

xen was updated to fix eight security issues. These security issues were fixed: - CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267). - CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).

Topics%20covered

Topics Covered

security advisory denial of service SUSE Linux important fixes Xen patch instructions

References

#877642 #932267 #944463 #944697 #950367 #950703

#950705 #950706

Cross- CVE-2014-0222 CVE-2015-4037 CVE-2015-5239

CVE-2015-6815 CVE-2015-7835 CVE-2015-7969

CVE-2015-7971

Affected Products:

SUSE Linux Enterprise Server 11-SP2-LTSS

SUSE Linux Enterprise Debuginfo 11-SP2

https://www.suse.com/security/cve/CVE-2014-0222.html

https://www.suse.com/security/cve/CVE-2015-4037.html

https://www.suse.com/security/cve/CVE-2015-5239.html

https://www.suse.com/security/cve/CVE-2015-6815.html

https://www.suse.com/security/cve/CVE-2015-7835.html

https://www.suse.com/security/cve/CVE-2015-7969.html

https://www.suse.com/security/cve/CVE-2015-7971.html

https://bugzilla.suse.com/877642

https://bugzilla.suse.com/932267

https://bugzilla.suse.com/944463

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2015:1952-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service SUSE Linux important fixes Xen patch instructions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here