Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0923-1

Опубликовано: 12 мая 2015
Источник: suse-cvrf

Описание

Security update for xen

XEN was updated to fix two security issues and bugs.

Security issues fixed:

  • CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

  • CVE-2015-2751: Xen, when using toolstack disaggregation, allowed remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

  • CVE-2015-2752: The XEN_DOMCTL_memory_mapping hypercall in Xen, when using a PCI passthrough device, was not preemptable, which allowed local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).

  • CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host.

Bugs fixed:

  • xentop: Fix memory leak on read failure

Список пакетов

SUSE Linux Enterprise Desktop 12
xen-4.4.2_04-18.1
xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
xen-libs-4.4.2_04-18.1
xen-libs-32bit-4.4.2_04-18.1
SUSE Linux Enterprise Server 12
xen-4.4.2_04-18.1
xen-doc-html-4.4.2_04-18.1
xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
xen-libs-4.4.2_04-18.1
xen-libs-32bit-4.4.2_04-18.1
xen-tools-4.4.2_04-18.1
xen-tools-domU-4.4.2_04-18.1
SUSE Linux Enterprise Server for SAP Applications 12
xen-4.4.2_04-18.1
xen-doc-html-4.4.2_04-18.1
xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
xen-libs-4.4.2_04-18.1
xen-libs-32bit-4.4.2_04-18.1
xen-tools-4.4.2_04-18.1
xen-tools-domU-4.4.2_04-18.1
SUSE Linux Enterprise Software Development Kit 12
xen-devel-4.4.2_04-18.1

Ссылки

Описание

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_04-18.1
Ссылки

Описание

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_04-18.1
Ссылки

Описание

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_04-18.1
Ссылки

Описание

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:xen-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-kmp-default-4.4.2_04_k3.12.39_47-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-32bit-4.4.2_04-18.1
SUSE Linux Enterprise Desktop 12:xen-libs-4.4.2_04-18.1
Ссылки