SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2751-1
Rating:             important
References:         #1027519 #1055321 #1059777 #1061076 #1061077 
                    #1061080 #1061081 #1061082 #1061084 #1061086 
                    #1061087 
Cross-References:   CVE-2017-5526
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

   An update that solves one vulnerability and has 10 fixes is
   now available.

Description:

   This update for xen fixes several issues:

   These security issues were fixed:

   - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable
     to a memory leakage issue allowing a privileged user inside the guest to
     cause a DoS and/or potentially crash the Qemu process on the host
     (bsc#1059777)
   - bsc#1061084: Missing cleanup in the page type system allowed a malicious
     or buggy PV guest to cause DoS (XSA-242)
   - bsc#1061086: A problem in the shadow pagetable code allowed a malicious
     or buggy HVM guest to cause DoS or cause hypervisor memory corruption
     potentially allowing the guest to escalate its privilege (XSA-243)
   - bsc#1061087: Problematic handling of the selector fields in the
     Interrupt Descriptor Table (IDT) allowed a malicious or buggy x86 PV
     guest to escalate its privileges or cause DoS (XSA-244)
   - bsc#1061077 Missing checks in the handling of DMOPs allowed malicious or
     buggy stub domain kernels or tool stacks otherwise living outside of
     Domain0 to cause a DoS (XSA-238)
   - bsc#1061080: Intercepted I/O write operations with less than a full
     machine word's worth of data were not properly handled, which allowed a
     malicious unprivileged x86 HVM guest to obtain sensitive information
     from the host or
     other guests (XSA-239)
   - bsc#1061081: In certain configurations of linear page tables a stack
     overflow might have occured that allowed a malicious or buggy PV guest
     to cause DoS and potentially privilege escalation and information leaks
     (XSA-240)
   - bsc#1061082: Under certain conditions x86 PV guests could have caused
     the hypervisor to miss a necessary TLB flush for a page. This allowed a
     malicious x86 PV guest to access all of system memory, allowing for
     privilege escalation, DoS, and information leaks (XSA-241)
   - bsc#1061076: Multiple issues existed with the setup of PCI MSI
     interrupts that allowed a malicious or buggy guest to cause DoS and
     potentially privilege escalation and information leaks (XSA-237)
   - bsc#1055321: When dealing with the grant map space of add-to-physmap
     operations, ARM specific code failed to release a lock. This allowed a
      malicious guest administrator to cause DoS (XSA-235)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1702=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1702=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1702=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 x86_64):

      xen-debugsource-4.9.0_14-3.18.1
      xen-devel-4.9.0_14-3.18.1

   - SUSE Linux Enterprise Server 12-SP3 (x86_64):

      xen-4.9.0_14-3.18.1
      xen-debugsource-4.9.0_14-3.18.1
      xen-doc-html-4.9.0_14-3.18.1
      xen-libs-32bit-4.9.0_14-3.18.1
      xen-libs-4.9.0_14-3.18.1
      xen-libs-debuginfo-32bit-4.9.0_14-3.18.1
      xen-libs-debuginfo-4.9.0_14-3.18.1
      xen-tools-4.9.0_14-3.18.1
      xen-tools-debuginfo-4.9.0_14-3.18.1
      xen-tools-domU-4.9.0_14-3.18.1
      xen-tools-domU-debuginfo-4.9.0_14-3.18.1

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      xen-4.9.0_14-3.18.1
      xen-debugsource-4.9.0_14-3.18.1
      xen-libs-32bit-4.9.0_14-3.18.1
      xen-libs-4.9.0_14-3.18.1
      xen-libs-debuginfo-32bit-4.9.0_14-3.18.1
      xen-libs-debuginfo-4.9.0_14-3.18.1


References:

   https://www.suse.com/security/cve/CVE-2017-5526.html
   https://bugzilla.suse.com/1027519
   https://bugzilla.suse.com/1055321
   https://bugzilla.suse.com/1059777
   https://bugzilla.suse.com/1061076
   https://bugzilla.suse.com/1061077
   https://bugzilla.suse.com/1061080
   https://bugzilla.suse.com/1061081
   https://bugzilla.suse.com/1061082
   https://bugzilla.suse.com/1061084
   https://bugzilla.suse.com/1061086
   https://bugzilla.suse.com/1061087

SuSE: 2017:2751-1: important: xen

October 17, 2017
An update that solves one vulnerability and has 10 fixes is An update that solves one vulnerability and has 10 fixes is An update that solves one vulnerability and has 10 fixes is ...

Summary

This update for xen fixes several issues: These security issues were fixed: - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1059777) - bsc#1061084: Missing cleanup in the page type system allowed a malicious or buggy PV guest to cause DoS (XSA-242) - bsc#1061086: A problem in the shadow pagetable code allowed a malicious or buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially allowing the guest to escalate its privilege (XSA-243) - bsc#1061087: Problematic handling of the selector fields in the Interrupt Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate its privileges or cause DoS (XSA-244) - bsc#1061077 Missing checks in the handling of DMOPs allowed malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 to cause a DoS (XSA-238) - bsc#1061080: Intercepted I/O write operations with less than a full machine word's worth of data were not properly handled, which allowed a malicious unprivileged x86 HVM guest to obtain sensitive information from the host or other guests (XSA-239) - bsc#1061081: In certain configurations of linear page tables a stack overflow might have occured that allowed a malicious or buggy PV guest to cause DoS and potentially privilege escalation and information leaks (XSA-240) - bsc#1061082: Under certain conditions x86 PV guests could have caused the hypervisor to miss a necessary TLB flush for a page. This allowed a malicious x86 PV guest to access all of system memory, allowing for privilege escalation, DoS, and information leaks (XSA-241) - bsc#1061076: Multiple issues existed with the setup of PCI MSI interrupts that allowed a malicious or buggy guest to cause DoS and potentially privilege escalation and information leaks (XSA-237) - bsc#1055321: When dealing with the grant map space of add-to-physmap operations, ARM specific code failed to release a lock. This allowed a malicious guest administrator to cause DoS (XSA-235) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1702=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1702=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1702=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 x86_64): xen-debugsource-4.9.0_14-3.18.1 xen-devel-4.9.0_14-3.18.1 - SUSE Linux Enterprise Server 12-SP3 (x86_64): xen-4.9.0_14-3.18.1 xen-debugsource-4.9.0_14-3.18.1 xen-doc-html-4.9.0_14-3.18.1 xen-libs-32bit-4.9.0_14-3.18.1 xen-libs-4.9.0_14-3.18.1 xen-libs-debuginfo-32bit-4.9.0_14-3.18.1 xen-libs-debuginfo-4.9.0_14-3.18.1 xen-tools-4.9.0_14-3.18.1 xen-tools-debuginfo-4.9.0_14-3.18.1 xen-tools-domU-4.9.0_14-3.18.1 xen-tools-domU-debuginfo-4.9.0_14-3.18.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): xen-4.9.0_14-3.18.1 xen-debugsource-4.9.0_14-3.18.1 xen-libs-32bit-4.9.0_14-3.18.1 xen-libs-4.9.0_14-3.18.1 xen-libs-debuginfo-32bit-4.9.0_14-3.18.1 xen-libs-debuginfo-4.9.0_14-3.18.1

References

#1027519 #1055321 #1059777 #1061076 #1061077

#1061080 #1061081 #1061082 #1061084 #1061086

#1061087

Cross- CVE-2017-5526

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Desktop 12-SP3

https://www.suse.com/security/cve/CVE-2017-5526.html

https://bugzilla.suse.com/1027519

https://bugzilla.suse.com/1055321

https://bugzilla.suse.com/1059777

https://bugzilla.suse.com/1061076

https://bugzilla.suse.com/1061077

https://bugzilla.suse.com/1061080

https://bugzilla.suse.com/1061081

https://bugzilla.suse.com/1061082

https://bugzilla.suse.com/1061084

https://bugzilla.suse.com/1061086

https://bugzilla.suse.com/1061087

Severity
Announcement ID: SUSE-SU-2017:2751-1
Rating: important

Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved