Discover Government News

   SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:3212-1
Rating:             important
References:         #1061075 #1061081 #1061086 #1063123 #1068187 
                    #1068191 
Cross-References:   CVE-2017-15289 CVE-2017-15592 CVE-2017-15595
                    CVE-2017-15597
Affected Products:
                    SUSE Linux Enterprise Server 11-SP3-LTSS
                    SUSE Linux Enterprise Point of Sale 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

   An update that solves four vulnerabilities and has two
   fixes is now available.

Description:

   This update for xen fixes several issues.

   These security issues were fixed:

   - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD)
     code allowed for DoS (XSA-246)
   - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged
     guests to retain a writable mapping of freed memory leading to
     information leaks, privilege escalation or DoS (XSA-247).
   - CVE-2017-15289: The mode4and5 write functions allowed local OS guest
     privileged users to cause a denial of service (out-of-bounds write
     access and Qemu process crash) via vectors related to dst calculation
     (bsc#1063123)
   - CVE-2017-15597: A grant copy operation being done on a grant of a dying
     domain allowed a malicious guest administrator to corrupt hypervisor
     memory, allowing for DoS or potentially privilege escalation and
     information leaks (bsc#1061075).
   - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS
     (unbounded recursion, stack consumption, and hypervisor crash) or
     possibly gain privileges via crafted page-table stacking (bsc#1061081).
   - CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS
     (hypervisor crash) or possibly gain privileges because self-linear
     shadow mappings were mishandled for translated guests (bsc#1061086).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP3-LTSS:

      zypper in -t patch slessp3-xen-13366=1

   - SUSE Linux Enterprise Point of Sale 11-SP3:

      zypper in -t patch sleposp3-xen-13366=1

   - SUSE Linux Enterprise Debuginfo 11-SP3:

      zypper in -t patch dbgsp3-xen-13366=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64):

      xen-kmp-default-4.2.5_21_3.0.101_0.47.106.8-45.16.1
      xen-libs-4.2.5_21-45.16.1
      xen-tools-domU-4.2.5_21-45.16.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64):

      xen-4.2.5_21-45.16.1
      xen-doc-html-4.2.5_21-45.16.1
      xen-doc-pdf-4.2.5_21-45.16.1
      xen-libs-32bit-4.2.5_21-45.16.1
      xen-tools-4.2.5_21-45.16.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586):

      xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.8-45.16.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

      xen-kmp-default-4.2.5_21_3.0.101_0.47.106.8-45.16.1
      xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.8-45.16.1
      xen-libs-4.2.5_21-45.16.1
      xen-tools-domU-4.2.5_21-45.16.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64):

      xen-debuginfo-4.2.5_21-45.16.1
      xen-debugsource-4.2.5_21-45.16.1


References:

   https://www.suse.com/security/cve/CVE-2017-15289.html
   https://www.suse.com/security/cve/CVE-2017-15592.html
   https://www.suse.com/security/cve/CVE-2017-15595.html
   https://www.suse.com/security/cve/CVE-2017-15597.html
   https://bugzilla.suse.com/1061075
   https://bugzilla.suse.com/1061081
   https://bugzilla.suse.com/1061086
   https://bugzilla.suse.com/1063123
   https://bugzilla.suse.com/1068187
   https://bugzilla.suse.com/1068191

SuSE: 2017:3212-1: important: xen

December 5, 2017
An update that solves four vulnerabilities and has two An update that solves four vulnerabilities and has two An update that solves four vulnerabilities and has two fixes is now av...

Summary

This update for xen fixes several issues. These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081). - CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor crash) or possibly gain privileges because self-linear shadow mappings were mishandled for translated guests (bsc#1061086). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-xen-13366=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-xen-13366=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-xen-13366=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): xen-kmp-default-4.2.5_21_3.0.101_0.47.106.8-45.16.1 xen-libs-4.2.5_21-45.16.1 xen-tools-domU-4.2.5_21-45.16.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64): xen-4.2.5_21-45.16.1 xen-doc-html-4.2.5_21-45.16.1 xen-doc-pdf-4.2.5_21-45.16.1 xen-libs-32bit-4.2.5_21-45.16.1 xen-tools-4.2.5_21-45.16.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.8-45.16.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): xen-kmp-default-4.2.5_21_3.0.101_0.47.106.8-45.16.1 xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.8-45.16.1 xen-libs-4.2.5_21-45.16.1 xen-tools-domU-4.2.5_21-45.16.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): xen-debuginfo-4.2.5_21-45.16.1 xen-debugsource-4.2.5_21-45.16.1

References

#1061075 #1061081 #1061086 #1063123 #1068187

#1068191

Cross- CVE-2017-15289 CVE-2017-15592 CVE-2017-15595

CVE-2017-15597

Affected Products:

SUSE Linux Enterprise Server 11-SP3-LTSS

SUSE Linux Enterprise Point of Sale 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2017-15289.html

https://www.suse.com/security/cve/CVE-2017-15592.html

https://www.suse.com/security/cve/CVE-2017-15595.html

https://www.suse.com/security/cve/CVE-2017-15597.html

https://bugzilla.suse.com/1061075

https://bugzilla.suse.com/1061081

https://bugzilla.suse.com/1061086

https://bugzilla.suse.com/1063123

https://bugzilla.suse.com/1068187

https://bugzilla.suse.com/1068191

Severity
Announcement ID: SUSE-SU-2017:3212-1
Rating: important

Related News