SUSE 12-SP1: 2017:1147-1 Important: Memory Access Issues

suse

May 2, 2017

An update that solves 6 vulnerabilities and has 9 fixes is An update that solves 6 vulnerabilities and has 9 fixes is An update that solves 6 vulnerabilities and has 9 fixes is now...

Summary

This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the

Topics Covered

security advisory information leak privilege escalation system crash important update memory issues SUSE Linux Enterprise

References

#1015348 #1022555 #1026636 #1027519 #1027570

#1028235 #1028655 #1029827 #1030144 #1030442

#1034843 #1034844 #1034845 #1034994 #1035483

Cross- CVE-2016-9603 CVE-2017-2633 CVE-2017-6414

CVE-2017-6505 CVE-2017-7718 CVE-2017-7980

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Server 12-SP1

SUSE Linux Enterprise Desktop 12-SP1

https://www.suse.com/security/cve/CVE-2016-9603.html

https://www.suse.com/security/cve/CVE-2017-2633.html

https://www.suse.com/security/cve/CVE-2017-6414.html

https://www.suse.com/security/cve/CVE-2017-6505.html

https://www.suse.com/security/cve/CVE-2017-7718.html

https://www.suse.com/security/cve/CVE-2017-7980.html

https://bugzilla.suse.com/1015348

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2017:1147-1

Rating: important

Topics Covered

security advisory information leak privilege escalation system crash important update memory issues SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 12-SP1: 2017:1147-1 Important: Memory Access Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 12-SP1: 2017:1147-1 Important: Memory Access Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!