Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0701-1

Опубликовано: 01 апр. 2015
Источник: suse-cvrf

Описание

Security update for xen

Xen was updated 4.4.2_01 to address three security issues and functional bugs.

The following vulnerabilities were fixed:

  • Long latency MMIO mapping operations are not preemptible (XSA-125, CVE-2015-2752, bnc#922705)
  • Unmediated PCI command register access in qemu (XSA-126, CVE-2015-2756, bnc#922706)
  • Certain domctl operations may be abused to lock up the host (XSA-127, CVE-2015-2751, bnc#922709)

The following non-security bugs were fixed:

  • xen dmesg contains bogus output in early boot (bnc#923758)
  • Xentop doesn't display disk statistics for VMs using qdisks (bnc#921842)

The following functionality was enabled:

  • Enable spice support in qemu for x86_64
  • Add Qxl vga support

Список пакетов

SUSE Linux Enterprise Desktop 12
xen-4.4.2_02-15.1
xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
xen-libs-4.4.2_02-15.1
xen-libs-32bit-4.4.2_02-15.1
SUSE Linux Enterprise Server 12
xen-4.4.2_02-15.1
xen-doc-html-4.4.2_02-15.1
xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
xen-libs-4.4.2_02-15.1
xen-libs-32bit-4.4.2_02-15.1
xen-tools-4.4.2_02-15.1
xen-tools-domU-4.4.2_02-15.1
SUSE Linux Enterprise Server for SAP Applications 12
xen-4.4.2_02-15.1
xen-doc-html-4.4.2_02-15.1
xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
xen-libs-4.4.2_02-15.1
xen-libs-32bit-4.4.2_02-15.1
xen-tools-4.4.2_02-15.1
xen-tools-domU-4.4.2_02-15.1
SUSE Linux Enterprise Software Development Kit 12
xen-devel-4.4.2_02-15.1

Ссылки

Описание

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_02-15.1
Ссылки

Описание

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_02-15.1
Ссылки

Описание

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_02_k3.12.38_44-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_02-15.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_02-15.1
Ссылки