
SUSE: 2016:2533-1 Important: Xen Security Fix Denial of Service Issues

October 13, 2016
Important SUSE security patch tackles 36 vulnerabilities and improves Xen's robustness and protection against risks.
An update that solves 38 vulnerabilities and has 20 fixes is now...

Summary

This update for xen fixes several issues.

These security issues were fixed:

- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264).
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188).
- CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive

References

#953339 #953362 #953518 #954872 #955399 #957986

#958848 #961600 #963161 #964427 #970135 #971949

#973188 #973631 #974038 #975130 #975138 #975907

#976058 #976111 #978164 #978295 #978413 #979035

#979620 #979670 #980716 #980724 #981264 #981276

#982024 #982025 #982026 #982224 #982225 #982286

#982695 #982960 #983973 #983984 #984981 #985503

#986586 #988675 #990843 #990923 #990970 #991934

#992224 #994421 #994625 #994761 #994772 #994775

#995785 #995789 #995792 #997731

Cross-References: CVE-2014-3615 CVE-2014-3672 CVE-2016-3158

CVE-2016-3159 CVE-2016-3710 CVE-2016-3712

CVE-2016-3960 CVE-2016-4001 CVE-2016-4002

CVE-2016-4020 CVE-2016-4037 CVE-2016-4439

CVE-2016-4441 CVE-2016-4453 CVE-2016-4454

CVE-2016-4480 CVE-2016-4952 CV...


Severity
important

Announcement ID: SUSE-SU-2016:2533-1
Rating: important
