SUSE: 2017:1795-1 Important: Xen Denial of Service Risks

July 6, 2017
This critical announcement from Red Hat resolves 12 vulnerabilities in open source applications, guaranteeing better performance and reliability for its clientele.
An update that solves 16 vulnerabilities and has two fixes is ...

Summary

This update for xen fixes several issues.

These security issues were fixed:

- CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043297)
- CVE-2017-9374: Missing free of 's->ipacket', causes a host memory leak, allowing for DoS (bsc#1043074)
- CVE-2017-10911: blkif responses leaked backend stack data, which allowed unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc#1042863)
- CVE-2017-10912: Page transfer might have allowed PV guest to elevate privilege (XSA-217, bsc#1042882)
- CVE-2017-10913, CVE-2017-10914: Races in the grant table unmap code

References

#1014136 #1026236 #1027519 #1031460 #1032148 #1034845 #1036470 #1037243 #1042160 #1042863 #1042882 #1042893 #1042915 #1042924 #1042931 #1042938 #1043074 #1043297

Cross-References: CVE-2017-10911 CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915 CVE-2017-10917 CVE-2017-10918 CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 CVE-2017-8112 CVE-2017-8309 CVE-2017-8905 CVE-2017-9330 CVE-2017-9374 CVE-2017-9503

Affected Products:

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server 12-LTSS

https://www.suse.com/security/cve/CVE-2017-10911.html

https://www.suse.com/security/cve/CVE-2017-10912.html

https://www.suse.com/security/cve/CVE-2017-10913.html

https://www.suse.com/security/cve/CVE-2017-10914.html

Severity
important

Announcement ID: SUSE-SU-2017:1795-1
Rating: important
