Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
100
security advisorymoderatethreat mitigationSUSE: 2024:0265-1 Moderate: Xen Phantom Functions DoS Threat
* bsc#1218851 Cross-References: * CVE-2023-46839 . # Security update for xen Announcement ID: SUSE-SU-2024:0265-1 Rating: moderate References: * bsc#1218851 Cross-References: * CVE-2023-46839 CVSS scores: * CVE-2023-46839 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46839: Fixed phantom functions assigned to incorrect contexts (XSA-449) (bsc#1218851) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-265=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-265=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-265=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-265=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 x86_64) * xen-debugsource-4.12.4_44-3.103.1 * xen-devel-4.12.4_44-3.103.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * xen-libs-32bit-4.12.4_44-3.103.1 * xen-tools-4.12.4_44-3.103.1 * xen-doc-html-4.12.4_44-3.103.1 * xen-libs-debuginfo-4.12.4_44-3.103.1 * xen-4.12.4_44-3.103.1 * xen-debugsource-4.12.4_44-3.103.1 *xen-tools-debuginfo-4.12.4_44-3.103.1 * xen-libs-4.12.4_44-3.103.1 * xen-tools-domU-debuginfo-4.12.4_44-3.103.1 * xen-tools-domU-4.12.4_44-3.103.1 * xen-libs-debuginfo-32bit-4.12.4_44-3.103.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * xen-libs-32bit-4.12.4_44-3.103.1 * xen-tools-4.12.4_44-3.103.1 * xen-doc-html-4.12.4_44-3.103.1 * xen-libs-debuginfo-4.12.4_44-3.103.1 * xen-4.12.4_44-3.103.1 * xen-debugsource-4.12.4_44-3.103.1 * xen-tools-debuginfo-4.12.4_44-3.103.1 * xen-libs-4.12.4_44-3.103.1 * xen-tools-domU-debuginfo-4.12.4_44-3.103.1 * xen-tools-domU-4.12.4_44-3.103.1 * xen-libs-debuginfo-32bit-4.12.4_44-3.103.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * xen-libs-32bit-4.12.4_44-3.103.1 * xen-tools-4.12.4_44-3.103.1 * xen-doc-html-4.12.4_44-3.103.1 * xen-libs-debuginfo-4.12.4_44-3.103.1 * xen-4.12.4_44-3.103.1 * xen-debugsource-4.12.4_44-3.103.1 * xen-tools-debuginfo-4.12.4_44-3.103.1 * xen-libs-4.12.4_44-3.103.1 * xen-tools-domU-debuginfo-4.12.4_44-3.103.1 * xen-tools-domU-4.12.4_44-3.103.1 * xen-libs-debuginfo-32bit-4.12.4_44-3.103.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46839.html * https://bugzilla.suse.com/show_bug.cgi?id=1218851 . Download and implement the most recent SUSE patch for xen to tackle cross-referencing problems and enhance overall system defense.. SUSE Security Update, Xen Threat Mitigation, Linux Protection Patch. . LinuxSecurity.com Team
Jan 31, 2024
SuSE
202
security advisorybuffer overflowimportantopenSUSE 15.3: SUSE-SU-2023:4466-1 important: IOMMU fixes
This update for xen fixes the following issues: CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels (XSA-445) (bsc#1216654).. # Security update for xen Announcement ID: SUSE-SU-2023:4466-1 Rating: important References: * bsc#1216654 * bsc#1216807 Cross-References: * CVE-2023-46835 * CVE-2023-46836 CVSS scores: * CVE-2023-46835 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels (XSA-445) (bsc#1216654). * CVE-2023-46836: x86: BTC/SRSO fixes not fully effective (XSA-446) (bsc#1216807). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2023-4466=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4466=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4466=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patchSUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4466=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4466=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2023-4466=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-4466=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4466=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4466=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-4.14.6_08-150300.3.60.1 * xen-libs-32bit-debuginfo-4.14.6_08-150300.3.60.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-4.14.6_08-150300.3.60.1 * xen-doc-html-4.14.6_08-150300.3.60.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-4.14.6_08-150300.3.60.1 * xen-libs-64bit-debuginfo-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (x86_64) * xen-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 * xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch) *xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * xen-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 * xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * xen-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 * xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * xen-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 * xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * SUSE Enterprise Storage 7.1 (x86_64) * xen-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-tools-debuginfo-4.14.6_08-150300.3.60.1 *xen-tools-domU-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * xen-tools-domU-4.14.6_08-150300.3.60.1 * xen-tools-4.14.6_08-150300.3.60.1 * xen-devel-4.14.6_08-150300.3.60.1 * SUSE Enterprise Storage 7.1 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-libs-debuginfo-4.14.6_08-150300.3.60.1 * xen-debugsource-4.14.6_08-150300.3.60.1 * xen-libs-4.14.6_08-150300.3.60.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46835.html * https://www.suse.com/security/cve/CVE-2023-46836.html * https://bugzilla.suse.com/show_bug.cgi?id=1216654 * https://bugzilla.suse.com/show_bug.cgi?id=1216807 . A critical security patch for xen tackles CVE-2023-46840 and CVE-2023-46841, enhancing overall system protection.. openSUSE,xen security,IOMMU fixes,system vulnerabilities,security patching. . Severity: Important. LinuxSecurity.com Team
Nov 16, 2023
•Important
OpenSUSE
100
security advisorysystem stabilitycritical issuesSUSE: 2023:4184-1 Important: Multiple Xen Security Issues Addressed
* bsc#1215744 * bsc#1215746 * bsc#1215747 * bsc#1215748 . # Security update for xen Announcement ID: SUSE-SU-2023:4184-1 Rating: important References: * bsc#1215744 * bsc#1215746 * bsc#1215747 * bsc#1215748 Cross-References: * CVE-2023-34323 * CVE-2023-34325 * CVE-2023-34326 * CVE-2023-34327 * CVE-2023-34328 CVSS scores: * CVE-2023-34323 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-34325 ( SUSE ): 5.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-34326 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-34327 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-34328 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE CaaS Platform 4.0 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 An update that solves five vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-34323: Fixed a potential crash in C Xenstored due to an incorrect assertion (XSA-440) (bsc#1215744). * CVE-2023-34326: Fixed a missing IOMMU TLB flush on x86 AMD systems with IOMMU hardware and PCI passthrough enabled (XSA-442) (bsc#1215746). * CVE-2023-34325: Fixed multiple parsing issues in libfsimage (XSA-443) (bsc#1215747). * CVE-2023-34327, CVE-2023-34328: Fixed multiple issues with AMD x86 debugging functionality for guests (XSA-444) (bsc#1215748). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE LinuxEnterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4184=1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4184=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4184=1 * SUSE CaaS Platform 4.0 To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64) * xen-tools-domU-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-debuginfo-4.12.4_40-150100.3.95.1 * xen-debugsource-4.12.4_40-150100.3.95.1 * xen-devel-4.12.4_40-150100.3.95.1 * xen-4.12.4_40-150100.3.95.1 * xen-tools-domU-4.12.4_40-150100.3.95.1 * xen-libs-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-4.12.4_40-150100.3.95.1 * xen-libs-4.12.4_40-150100.3.95.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64) * xen-tools-domU-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-debuginfo-4.12.4_40-150100.3.95.1 * xen-debugsource-4.12.4_40-150100.3.95.1 * xen-devel-4.12.4_40-150100.3.95.1 * xen-4.12.4_40-150100.3.95.1 * xen-tools-domU-4.12.4_40-150100.3.95.1 * xen-libs-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-4.12.4_40-150100.3.95.1 * xen-libs-4.12.4_40-150100.3.95.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64) * xen-tools-domU-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-debuginfo-4.12.4_40-150100.3.95.1 * xen-debugsource-4.12.4_40-150100.3.95.1 * xen-devel-4.12.4_40-150100.3.95.1 * xen-4.12.4_40-150100.3.95.1 * xen-tools-domU-4.12.4_40-150100.3.95.1 * xen-libs-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-4.12.4_40-150100.3.95.1 * xen-libs-4.12.4_40-150100.3.95.1 * SUSE CaaSPlatform 4.0 (x86_64) * xen-tools-domU-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-debuginfo-4.12.4_40-150100.3.95.1 * xen-debugsource-4.12.4_40-150100.3.95.1 * xen-devel-4.12.4_40-150100.3.95.1 * xen-4.12.4_40-150100.3.95.1 * xen-tools-domU-4.12.4_40-150100.3.95.1 * xen-libs-debuginfo-4.12.4_40-150100.3.95.1 * xen-tools-4.12.4_40-150100.3.95.1 * xen-libs-4.12.4_40-150100.3.95.1 ## References: * https://www.suse.com/security/cve/CVE-2023-34323.html * https://www.suse.com/security/cve/CVE-2023-34325.html * https://www.suse.com/security/cve/CVE-2023-34326.html * https://www.suse.com/security/cve/CVE-2023-34327.html * https://www.suse.com/security/cve/CVE-2023-34328.html * https://bugzilla.suse.com/show_bug.cgi?id=1215744 * https://bugzilla.suse.com/show_bug.cgi?id=1215746 * https://bugzilla.suse.com/show_bug.cgi?id=1215747 * https://bugzilla.suse.com/show_bug.cgi?id=1215748 . SUSE has issued a vital security update for the Xen hypervisor, tackling vulnerabilities that threaten system integrity while improving stability and protection. SUSE Security Update,Xen Security Fix,SUSE Vulnerability Assessment,Important Updates. . Severity: Important. LinuxSecurity.com Team
Oct 24, 2023
•Important
SuSE
100
security advisorysecurity updatesoftware patchSUSE 12-SP2: 2021:3322-1 Moderate: Xen Security Issues Resolved
An update that fixes 13 vulnerabilities is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3322-1 Rating: moderate References: #1182654 #1186429 #1186433 #1186434 #1187369 #1187376 #1187378 #1189373 #1189376 #1189378 #1189632 #1189882 Cross-References: CVE-2021-0089 CVE-2021-20255 CVE-2021-28690 CVE-2021-28692 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697 CVE-2021-28698 CVE-2021-28701 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 CVSS scores: CVE-2021-0089 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2021-20255 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-20255 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L CVE-2021-28694 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28695 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28696 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28697 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28698 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-28701 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Affected Products: SUSE Linux Enterprise Server 12-SP2-BCL ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update for xen fixes the following issues: - CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632). - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: Fixed IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373). - CVE-2021-28697: Fixed grant table v2 status pages that may remain accessible after de-allocation (XSA-379)(bsc#1189376). - CVE-2021-28698: Fixed long running loops in grant table handling (XSA-380)(bsc#1189378). - CVE-2021-20255: Fixed eepro100 stack overflow via infinite recursion (bsc#1182654). - CVE-2021-3592: Fixed invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187369). - CVE-2021-3594: Fixed invalid pointer initialization may lead to information disclosure (udp) (bsc#1187378). - CVE-2021-3595: Fixed invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187376). - CVE-2021-28692: Fixed inappropriate x86 IOMMU timeout detection / handling (XSA-373)(bsc#1186429). - CVE-2021-0089: Fixed Speculative Code Store Bypass (XSA-375)(bsc#1186433). - CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 (XSA-377)(bsc#1186434). - Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-3322=1 Package List: - SUSE Linux Enterprise Server12-SP2-BCL (x86_64): xen-4.7.6_16-43.79.5 xen-debugsource-4.7.6_16-43.79.5 xen-doc-html-4.7.6_16-43.79.5 xen-libs-32bit-4.7.6_16-43.79.5 xen-libs-4.7.6_16-43.79.5 xen-libs-debuginfo-32bit-4.7.6_16-43.79.5 xen-libs-debuginfo-4.7.6_16-43.79.5 xen-tools-4.7.6_16-43.79.5 xen-tools-debuginfo-4.7.6_16-43.79.5 xen-tools-domU-4.7.6_16-43.79.5 xen-tools-domU-debuginfo-4.7.6_16-43.79.5 References: https://www.suse.com/security/cve/CVE-2021-0089.html https://www.suse.com/security/cve/CVE-2021-20255.html https://www.suse.com/security/cve/CVE-2021-28690.html https://www.suse.com/security/cve/CVE-2021-28692.html https://www.suse.com/security/cve/CVE-2021-28694.html https://www.suse.com/security/cve/CVE-2021-28695.html https://www.suse.com/security/cve/CVE-2021-28696.html https://www.suse.com/security/cve/CVE-2021-28697.html https://www.suse.com/security/cve/CVE-2021-28698.html https://www.suse.com/security/cve/CVE-2021-28701.html https://www.suse.com/security/cve/CVE-2021-3592.html https://www.suse.com/security/cve/CVE-2021-3594.html https://www.suse.com/security/cve/CVE-2021-3595.html https://bugzilla.suse.com/1182654 https://bugzilla.suse.com/1186429 https://bugzilla.suse.com/1186433 https://bugzilla.suse.com/1186434 https://bugzilla.suse.com/1187369 https://bugzilla.suse.com/1187376 https://bugzilla.suse.com/1187378 https://bugzilla.suse.com/1189373 https://bugzilla.suse.com/1189376 https://bugzilla.suse.com/1189378 https://bugzilla.suse.com/1189632 https://bugzilla.suse.com/1189882 . SUSE has released a security update addressing 13 vulnerabilities in xen, with several categorized as moderate. Users of Enterprise Server 12-SP2 are advised to apply this update.. SUSE Linux, Xen Issues, Security Update, Software Patch. . LinuxSecurity.com Team
Oct 07, 2021
SuSE
100
security advisoryDoSinteger overflowSUSE: 2018:2037-1 Moderate: Xen Integer Overflow and DoS Fix
An update that solves 5 vulnerabilities and has two fixes is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:2037-1 Rating: moderate References: #1027519 #1079730 #1095242 #1096224 #1097521 #1097522 #1098744 Cross-References: CVE-2018-11806 CVE-2018-12617 CVE-2018-12891 CVE-2018-12893 CVE-2018-3665 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has two fixes is now available. Description: This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744). - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). Bug fixes: - bsc#1079730: Fix failed "write" lock. - bsc#1027519: Add upstream patches from January. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-13698=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patchslessp4-xen-13698=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-13698=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_34-61.32.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_34_3.0.101_108.57-61.32.1 xen-libs-4.4.4_34-61.32.1 xen-tools-domU-4.4.4_34-61.32.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_34-61.32.1 xen-doc-html-4.4.4_34-61.32.1 xen-libs-32bit-4.4.4_34-61.32.1 xen-tools-4.4.4_34-61.32.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_34_3.0.101_108.57-61.32.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_34-61.32.1 xen-debugsource-4.4.4_34-61.32.1 References: https://www.suse.com/security/cve/CVE-2018-11806.html https://www.suse.com/security/cve/CVE-2018-12617.html https://www.suse.com/security/cve/CVE-2018-12891.html https://www.suse.com/security/cve/CVE-2018-12893.html https://www.suse.com/security/cve/CVE-2018-3665.html https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1079730 https://bugzilla.suse.com/1095242 https://bugzilla.suse.com/1096224 https://bugzilla.suse.com/1097521 https://bugzilla.suse.com/1097522 https://bugzilla.suse.com/1098744 . SUSE has issued a vital security update for xen, fixing multiple vulnerabilities and including essential bug fixes. Installation instructions and documentation are available.. SUSE Linux Update,Xen Security Fix,Software Development Kit,Server Patch. . LinuxSecurity.com Team
Jul 23, 2018
SuSE
100
security advisoryinformation leakprivilege escalationSUSE: 2017:3236-1 Important: Xen DoS and Privilege Issues Fix
An update that solves 5 vulnerabilities and has three fixes An update that solves 5 vulnerabilities and has three fixes An update that solves 5 vulnerabilities and has three fixes is now available. is now available.. SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:3236-1 Rating: important References: #1055047 #1056336 #1061075 #1061081 #1061086 #1063123 #1068187 #1068191 Cross-References: CVE-2017-13672 CVE-2017-15289 CVE-2017-15592 CVE-2017-15595 CVE-2017-15597 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves 5 vulnerabilities and has three fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisorcrash) or possibly gain privileges via crafted page-table stacking (bsc#1061081). - CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor crash) or possibly gain privileges because self-linear shadow mappings were mishandled for translated guests (bsc#1061086). - CVE-2017-13672: The VGA display emulator support allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update (bsc#1056336) This non-security issue was fixed: - bsc#1055047: Fixed --initrd-inject option in virt-install Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-2013=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-2013=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-2013=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): xen-4.5.5_20-22.36.3 xen-debugsource-4.5.5_20-22.36.3 xen-doc-html-4.5.5_20-22.36.3 xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-kmp-default-debuginfo-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-libs-32bit-4.5.5_20-22.36.3 xen-libs-4.5.5_20-22.36.3 xen-libs-debuginfo-32bit-4.5.5_20-22.36.3 xen-libs-debuginfo-4.5.5_20-22.36.3 xen-tools-4.5.5_20-22.36.3 xen-tools-debuginfo-4.5.5_20-22.36.3 xen-tools-domU-4.5.5_20-22.36.3 xen-tools-domU-debuginfo-4.5.5_20-22.36.3 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): xen-4.5.5_20-22.36.3 xen-debugsource-4.5.5_20-22.36.3 xen-doc-html-4.5.5_20-22.36.3 xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-kmp-default-debuginfo-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-libs-32bit-4.5.5_20-22.36.3 xen-libs-4.5.5_20-22.36.3 xen-libs-debuginfo-32bit-4.5.5_20-22.36.3 xen-libs-debuginfo-4.5.5_20-22.36.3 xen-tools-4.5.5_20-22.36.3 xen-tools-debuginfo-4.5.5_20-22.36.3 xen-tools-domU-4.5.5_20-22.36.3 xen-tools-domU-debuginfo-4.5.5_20-22.36.3 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): xen-4.5.5_20-22.36.3 xen-debugsource-4.5.5_20-22.36.3 xen-doc-html-4.5.5_20-22.36.3 xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-kmp-default-debuginfo-4.5.5_20_k3.12.74_60.64.63-22.36.3 xen-libs-32bit-4.5.5_20-22.36.3 xen-libs-4.5.5_20-22.36.3 xen-libs-debuginfo-32bit-4.5.5_20-22.36.3 xen-libs-debuginfo-4.5.5_20-22.36.3 xen-tools-4.5.5_20-22.36.3 xen-tools-debuginfo-4.5.5_20-22.36.3 xen-tools-domU-4.5.5_20-22.36.3 xen-tools-domU-debuginfo-4.5.5_20-22.36.3 References: https://www.suse.com/security/cve/CVE-2017-13672.html https://www.suse.com/security/cve/CVE-2017-15289.html https://www.suse.com/security/cve/CVE-2017-15592.html https://www.suse.com/security/cve/CVE-2017-15595.html https://www.suse.com/security/cve/CVE-2017-15597.html https://bugzilla.suse.com/1055047 https://bugzilla.suse.com/1056336 https://bugzilla.suse.com/1061075 https://bugzilla.suse.com/1061081 https://bugzilla.suse.com/1061086 https://bugzilla.suse.com/1063123 https://bugzilla.suse.com/1068187 https://bugzilla.suse.com/1068191 . A new patch for SUSE xen has been released to address significant security vulnerabilities, mitigating risks of denial-of-service attacks and privilege escalation threats.. SUSE Update,Xen Security,DoS Prevention,Privilege Escalation,Cloud Security. . Severity: Important. LinuxSecurity.com Team
Dec 07, 2017
•Important
SuSE
202
security advisorydenial of servicecritical issuesopenSUSE 42.1: 2016:2494-1 Important: Xen Security Fixes and Updates
An update that solves 46 vulnerabilities and has 17 fixes An update that solves 46 vulnerabilities and has 17 fixes An update that solves 46 vulnerabilities and has 17 fixes is now available. is now available.. openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2494-1 Rating: important References: #900418 #949889 #953339 #953362 #953518 #954872 #955104 #958848 #959330 #959552 #961100 #961600 #963161 #964427 #970135 #971949 #973188 #973631 #974038 #975130 #975138 #975907 #976058 #976111 #978164 #978295 #978413 #979620 #979670 #980716 #980724 #981264 #981276 #982024 #982025 #982026 #982224 #982225 #982286 #982695 #982960 #983973 #983984 #984981 #985503 #986586 #988675 #988676 #990500 #990843 #990923 #990970 #991934 #992224 #993665 #994421 #994625 #994761 #994772 #994775 #995785 #995789 #995792 Cross-References: CVE-2014-3615 CVE-2014-3672 CVE-2015-7512 CVE-2015-8504 CVE-2015-8558 CVE-2015-8568 CVE-2015-8613 CVE-2015-8743 CVE-2016-1714 CVE-2016-1981 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4020 CVE-2016-4037 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4480 CVE-2016-4952 CVE-2016-4962 CVE-2016-4963 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6259 CVE-2016-6351 CVE-2016-6833 CVE-2016-6834 CVE-2016-6835 CVE-2016-6836 CVE-2016-6888 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 46 vulnerabilities and has 17 fixes is now available. Description: This update for xen fixes the following issues: These security issues were fixed: - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785) - CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789) - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792) - CVE-2016-6836: VMWARE VMXNET3 NIC device support was leaging information leakage. A privileged user inside guest could have used this to leak host memory bytes to a guest (boo#994761) - CVE-2016-6888: Integer overflow in packet initialisation in VMXNET3 device driver. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS (bsc#994772) - CVE-2016-6833: Use-after-free issue in the VMWARE VMXNET3 NIC device support. A privileged user inside guest could have used this issue to crash the Qemu instance resulting in DoS (boo#994775) - CVE-2016-6835: Buffer overflow in the VMWARE VMXNET3 NIC device support, causing an OOB read access (bsc#994625) - CVE-2016-6834: A infinite loop during packet fragmentation in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994421) - CVE-2016-6258: The PVpagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675) - CVE-2016-6259: Xen did not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allowed local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check (bsc#988676) - CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (boo#990923) - CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675) - CVE-2016-6259: Xen did not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allowed local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check (bsc#988676) - CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983973) - CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denialof service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983984) - CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960) - CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225) - CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982224) - CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982286) - CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, used an uninitialized variable, which allowed local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982024) - CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982025) - CVE-2016-5107: Themegasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors (bsc#982026) - CVE-2016-4963: The libxl device-handling allowed local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore (bsc#979670) - CVE-2016-4962: The libxl device-handling allowed local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore (bsc#979620) - CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data routines (bsc#981276) - CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue (bsc#978164) - CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264) - CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724) - CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716) - CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038) - CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list (bsc#976111) - CVE-2016-4020: The patch_instruction function did not initialize the imm32 variable, which allowed local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR) (bsc#975907) - CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130) - CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes(bsc#975138) - CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295) These non-security issues were fixed: - boo#991934: xen hypervisor crash in csched_acct - boo#992224: During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen - boo#955104: Virsh reports error "one or more references were leaked after disconnect from hypervisor" when "virsh save" failed due to "no response from client after 6 keepalive messages" - boo#959552: Migration of HVM guest leads into libvirt segmentation fault - boo#993665: Migration of xen guests finishes in: One or more references were leaked after disconnect from the hypervisor - boo#959330: Guest migrations using virsh results in error "Internal error: received hangup / error event on socket" - boo#990500: VM virsh migration fails with keepalive error: ":virKeepAliveTimerInternal:143 : No response from client" - boo#953518: Unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol - boo#953518: xen_platform: unplug also SCSI disks in qemu-xen - boo#971949: Support (by ignoring) xl migrate --live. xl migrations are always live - boo#970135: New virtualization project clock test randomly fails on Xen - boo#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79) - boo#985503: vif-route broken - boo#961100: Migrate a fv guest from sles12 to sles12sp1 fails remove patch because it can not fix the bug - boo#978413: PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. - boo#986586: Out of memory (oom) during boot on "modprobe xenblk" (non xen kernel) init.50-hvm-xen_conf - boo#900418: Dump cannot be performed on SLES12 XEN - boo#953339,boo#953362, boo#953518, boo#984981: Implement SUSE specific unplug protocol for emulated PCI devices in PVonHVM guests to qemu-xen-upstream - boo#954872: script block-dmmd not working as expected - libxl: error: libxl_dm.c (Additional fixes) block-dmmd - boo#982695: xen-4.5.2 qemu fails to boot HVM guest from xvda - boo#958848: HVM guest crash at /usr/src/packages/BUILD/ xen-4.4.2-testing/obj/default/balloon/balloon.c:407 - boo#949889: Fail to install 32-bit paravirt VM under SLES12SP1Beta3 XEN - boo#954872: script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) block-dmmd - boo#961600: Poor performance when Xen HVM domU configured with max memory greater than current memory - boo#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates - boo#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu) - boo#961100: Migrate a fv guest from sles12 to sles12sp1 on xen fails for "Domain is not running on destination host". qemu-ignore-kvm-tpr-opt-on-migration.patch - boo#973631: AWS EC2 kdump issue - boo#964427: Discarding device blocks: failed - Input/output error Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1170=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): xen-debugsource-4.5.3_10-15.2 xen-devel-4.5.3_10-15.2 xen-libs-4.5.3_10-15.2 xen-libs-debuginfo-4.5.3_10-15.2 xen-tools-domU-4.5.3_10-15.2 xen-tools-domU-debuginfo-4.5.3_10-15.2 - openSUSE Leap 42.1 (x86_64): xen-4.5.3_10-15.2 xen-doc-html-4.5.3_10-15.2 xen-kmp-default-4.5.3_10_k4.1.31_30-15.2 xen-kmp-default-debuginfo-4.5.3_10_k4.1.31_30-15.2 xen-libs-32bit-4.5.3_10-15.2 xen-libs-debuginfo-32bit-4.5.3_10-15.2 xen-tools-4.5.3_10-15.2 xen-tools-debuginfo-4.5.3_10-15.2 References: https://www.suse.com/security/cve/CVE-2014-3615.html https://www.suse.com/security/cve/CVE-2014-3672.html https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8504.html https://www.suse.com/security/cve/CVE-2015-8558.html https://www.suse.com/security/cve/CVE-2015-8568.html https://www.suse.com/security/cve/CVE-2015-8613.html https://www.suse.com/security/cve/CVE-2015-8743.html https://www.suse.com/security/cve/CVE-2016-1714.html https://www.suse.com/security/cve/CVE-2016-1981.html https://www.suse.com/security/cve/CVE-2016-3158.html https://www.suse.com/security/cve/CVE-2016-3159.html https://www.suse.com/security/cve/CVE-2016-3710.html https://www.suse.com/security/cve/CVE-2016-3712.html https://www.suse.com/security/cve/CVE-2016-3960.html https://www.suse.com/security/cve/CVE-2016-4001.html https://www.suse.com/security/cve/CVE-2016-4002.html https://www.suse.com/security/cve/CVE-2016-4020.html https://www.suse.com/security/cve/CVE-2016-4037.html https://www.suse.com/security/cve/CVE-2016-4439.html https://www.suse.com/security/cve/CVE-2016-4441.html https://www.suse.com/security/cve/CVE-2016-4453.html https://www.suse.com/security/cve/CVE-2016-4454.html https://www.suse.com/security/cve/CVE-2016-4480.html https://www.suse.com/security/cve/CVE-2016-4952.html https://www.suse.com/security/cve/CVE-2016-4962.html https://www.suse.com/security/cve/CVE-2016-4963.html https://www.suse.com/security/cve/CVE-2016-5105.html https://www.suse.com/security/cve/CVE-2016-5106.html https://www.suse.com/security/cve/CVE-2016-5107.html https://www.suse.com/security/cve/CVE-2016-5126.html https://www.suse.com/security/cve/CVE-2016-5238.html https://www.suse.com/security/cve/CVE-2016-5337.html https://www.suse.com/security/cve/CVE-2016-5338.html https://www.suse.com/security/cve/CVE-2016-5403.html https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6259.html https://www.suse.com/security/cve/CVE-2016-6351.html https://www.suse.com/security/cve/CVE-2016-6833.html https://www.suse.com/security/cve/CVE-2016-6834.html https://www.suse.com/security/cve/CVE-2016-6835.html https://www.suse.com/security/cve/CVE-2016-6836.html https://www.suse.com/security/cve/CVE-2016-6888.html https://www.suse.com/security/cve/CVE-2016-7092.html https://www.suse.com/security/cve/CVE-2016-7093.html https://www.suse.com/security/cve/CVE-2016-7094.html https://bugzilla.suse.com/900418 https://bugzilla.suse.com/949889 https://bugzilla.suse.com/953339 https://bugzilla.suse.com/953362 https://bugzilla.suse.com/953518 https://bugzilla.suse.com/954872 https://bugzilla.suse.com/955104 https://bugzilla.suse.com/958848 https://bugzilla.suse.com/959330 https://bugzilla.suse.com/959552 https://bugzilla.suse.com/961100 https://bugzilla.suse.com/961600 https://bugzilla.suse.com/963161 https://bugzilla.suse.com/964427 https://bugzilla.suse.com/970135 https://bugzilla.suse.com/971949 https://bugzilla.suse.com/973188 https://bugzilla.suse.com/973631 https://bugzilla.suse.com/974038 https://bugzilla.suse.com/975130 https://bugzilla.suse.com/975138 https://bugzilla.suse.com/975907 https://bugzilla.suse.com/976058 https://bugzilla.suse.com/976111 https://bugzilla.suse.com/978164 https://bugzilla.suse.com/978295 https://bugzilla.suse.com/978413 https://bugzilla.suse.com/979620 https://bugzilla.suse.com/979670 https://bugzilla.suse.com/980716 https://bugzilla.suse.com/980724 https://bugzilla.suse.com/981264 https://bugzilla.suse.com/981276 https://bugzilla.suse.com/982024 https://bugzilla.suse.com/982025 https://bugzilla.suse.com/982026 https://bugzilla.suse.com/982224 https://bugzilla.suse.com/982225 https://bugzilla.suse.com/982286 https://bugzilla.suse.com/982695 https://bugzilla.suse.com/982960 https://bugzilla.suse.com/983973 https://bugzilla.suse.com/983984 https://bugzilla.suse.com/984981 https://bugzilla.suse.com/985503 https://bugzilla.suse.com/986586 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/988676 https://bugzilla.suse.com/990500 https://bugzilla.suse.com/990843 https://bugzilla.suse.com/990923 https://bugzilla.suse.com/990970 https://bugzilla.suse.com/991934 https://bugzilla.suse.com/992224 https://bugzilla.suse.com/993665 https://bugzilla.suse.com/994421 https://bugzilla.suse.com/994625 https://bugzilla.suse.com/994761 https://bugzilla.suse.com/994772 https://bugzilla.suse.com/994775 https://bugzilla.suse.com/995785 https://bugzilla.suse.com/995789 https://bugzilla.suse.com/995792 . The recent security enhancement for xen addresses significant vulnerabilities in openSUSE. Ensure your system's safety by applying the most current updates.. Xen Vulnerabilities, OpenSUSE Security, System Security Updates, Critical Security Fixes. . Severity: Important. LinuxSecurity.com Team
Oct 11, 2016
•Important
OpenSUSE
89
security advisoryfedoraupdateFedora 20: 2015-5402 Critical Update for Xen Host Lock and PCI Issues
Long latency MMIO mapping operations are not preemptible [XSA-125, CVE-2015-2752] Unmediated PCI command register access in qemu [XSA-126, CVE-2015-2756] Certain domctl operations may be abused to lock up the host [XSA-127, CVE-2015-2751] update to xen-4.3.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5402 2015-04-02 11:44:17 -------------------------------------------------------------------------------- Name : xen Product : Fedora 20 Version : 4.3.4 Release : 2.fc20 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: Long latency MMIO mapping operations are not preemptible [XSA-125, CVE-2015-2752] Unmediated PCI command register access in qemu [XSA-126, CVE-2015-2756] Certain domctl operations may be abused to lock up the host [XSA-127, CVE-2015-2751] update to xen-4.3.4 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 31 2015 Michael Young - 4.3.4-2 - Long latency MMIO mapping operations are not preemptible [XSA-125, CVE-2015-2752] (#1207741) - Unmediated PCI command register access in qemu [XSA-126, CVE-2015-2756] (#1307738) - Certain domctl operations may be abused to lock up the host [XSA-127, CVE-2015-2751] (#1207739) * Mon Mar 23 2015 Michael Young - 4.3.4-1 - update to xen-4.3.4 remove patches for fixes that are now included * Thu Mar 12 2015 Michael Young - 4.3.3-12 - HVM qemu unexpectedly enabling emulated VGA graphics backends [XSA-119, CVE-2015-2152] (#1201365) * Wed Mar 11 2015 Michael Young - 4.3.3-11 - Hypervisor memory corruption due to x86 emulator flaw [XSA-123, CVE-2015-2151] (#1200398) * Thu Mar 5 2015 Michael Young - 4.3.3-10 - Informationleak via internal x86 system device emulation [XSA-121, CVE-2015-2044] - Information leak through version information hypercall [XSA-122, CVE-2015-2045] * Tue Jan 6 2015 Michael Young - 4.3.3-9 - xen crash due to use after free on hvm guest teardown [XSA-116, CVE-2015-0361] (#1179221) * Tue Dec 16 2014 Michael Young - 4.3.3-8 - fix xendomains issue introduced by xl migrate --debug patch * Mon Dec 8 2014 Michael Young - 4.3.3-7 - p2m lock starvation [XSA-114, CVE-2014-9065] - fix build with --without xsm * Thu Nov 27 2014 Michael Young - 4.3.3-6 - Excessive checking in compatibility mode hypercall argument translation [XSA-111, CVE-2014-8866] - Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor [XSA-112, CVE-2014-8867] - fix segfaults and failures in xl migrate --debug (#1166461) * Thu Nov 20 2014 Michael Young - 4.3.3-5 - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling [XSA-113, CVE-2014-9030] (#1166914) * Wed Nov 19 2014 Michael Young - 4.3.3-4 - Insufficient restrictions on certain MMU update hypercalls [XSA-109, CVE-2014-8594] (#1165205) - Missing privilege level checks in x86 emulation of far branches [XSA-110, CVE-2014-8595] (#1165204) - Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen (#1086776) * Wed Oct 1 2014 Michael Young - 4.3.3-3 - Improper MSR range used for x2APIC emulation [XSA-108, CVE-2014-7188] (#1148465) * Tue Sep 23 2014 Michael Young - 4.3.3-2 - Race condition in HVMOP_track_dirty_vram [XSA-104, CVE-2014-7154] (#1145736) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation [XSA-105, CVE-2014-7155] (#1145737) - Missing privilege level checks in x86 emulation of software interrupts [XSA-106, CVE-2014-7156] (#1145738) * Tue Sep 2 2014 Michael Young - 4.3.3-1 - update to xen-4.3.3 remove patches for fixes that are now included * Wed Aug 13 2014 Michael Young - 4.3.2-7 - Long latency virtual-mmu operations are not preemptible [XSA-97, CVE-2014-5146] * FriJun 20 2014 Michael Young - 4.3.2-6 - Hypervisor heap contents leaked to guest [XSA-100, CVE-2014-4021] (#1110316) with extra patch to avoid regression * Sun Jun 15 2014 Michael Young - 4.3.2-5 - Fix %if line typo in the spec file - Vulnerabilities in HVM MSI injection [XSA-96, CVE-2014-3967,CVE-2014-3968] (#1104583) * Sun May 11 2014 Michael Young - 4.3.2-4 - add systemd preset support (#1094938) * Thu May 1 2014 Michael Young - 4.3.2-3 - HVMOP_set_mem_type allows invalid P2M entries to be created [XSA-92, CVE-2014-3124] (#1093315) * Wed Mar 26 2014 Michael Young - 4.3.2-2 - HVMOP_set_mem_access is not preemptible [XSA-89, CVE-2014-2599] (#1080425) * Tue Feb 18 2014 Michael Young - 4.3.2-1 - update to xen-4.3.2 includes fix for "Excessive time to disable caching with HVM guests with PCI passthrough" [XSA-60, CVE-2013-2212] (#987914) - remove patches that are now included * Wed Feb 12 2014 Michael Young - 4.3.1-10 - use-after-free in xc_cpupool_getinfo() under memory pressure [XSA-88, CVE-2014-1950] (#1064491) * Thu Feb 6 2014 Michael Young - 4.3.1-9 - integer overflow in several XSM/Flask hypercalls [XSA-84, CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894] Off-by-one error in FLASK_AVC_CACHESTAT hypercall [XSA-85, CVE-2014-1895] libvchan failure handling malicious ring indexes [XSA-86, CVE-2014-1896] (#1062335) * Fri Jan 24 2014 Michael Young - 4.3.1-8 - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged pv guests [XSA-87, CVE-2014-1666] (#1058398) * Thu Jan 23 2014 Michael Young - 4.3.1-7 - Out-of-memory condition yielding memory corruption during IRQ setup [XSA-83, CVE-2014-1642] (#1057142) * Wed Dec 11 2013 Michael Young - 4.3.1-6 - Disaggregated domain management security status update [XSA-77] - IOMMU TLB flushing may be inadvertently suppressed [XSA-80, CVE-2013-6400] (#1040024) * Mon Dec 2 2013 Michael Young - 4.3.1-5 - HVM guest triggerable AMD CPU erratum may cause host hang [XSA-82, CVE-2013-6885] * Tue Nov 26 2013Michael Young - 4.3.1-4 - Lock order reversal between page_alloc_lock and mm_rwlock [XSA-74, CVE-2013-4553] (#1034925) - Hypercalls exposed to privilege rings 1 and 2 of HVM guests [XSA-76, CVE-2013-4554] (#1034923) * Thu Nov 21 2013 Michael Young - 4.3.1-3 - Insufficient TLB flushing in VT-d (iommu) code [XSA-78, CVE-2013-6375] (#1033149) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1203737 - CVE-2015-2756 xen: unmediated PCI command register access in qemu (xsa126) https://bugzilla.redhat.com/show_bug.cgi?id=1203737 [ 2 ] Bug #1203732 - CVE-2015-2752 xen: long latency MMIO mapping operations are not preemptible (xsa125) https://bugzilla.redhat.com/show_bug.cgi?id=1203732 [ 3 ] Bug #1203745 - CVE-2015-2751 xen: certain domctl operations may be abused to lock up the host https://bugzilla.redhat.com/show_bug.cgi?id=1203745 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 11, 2015
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!