Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:1479-2

Опубликовано: 11 авг. 2015
Источник: suse-cvrf

Описание

Security update for xen

xen was updated to fix the following security issues:

  • CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (bsc#939712, XSA-140)
  • CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol (bsc#939709, XSA-139)
  • CVE-2015-2751: Certain domctl operations could have be used to lock up the host (bsc#922709, XSA-127)
  • CVE-2015-3259: xl command line config handling stack overflow (bsc#935634, XSA-137)
  • CVE-2015-4164: DoS through iret hypercall handler (bsc#932996, XSA-136)
  • CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344)

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3
xen-4.2.5_12-15.1
xen-doc-html-4.2.5_12-15.1
xen-doc-pdf-4.2.5_12-15.1
xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
xen-kmp-pae-4.2.5_12_3.0.101_0.47.55-15.1
xen-libs-4.2.5_12-15.1
xen-libs-32bit-4.2.5_12-15.1
xen-tools-4.2.5_12-15.1
xen-tools-domU-4.2.5_12-15.1

Ссылки

Описание

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки

Описание

Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки

Описание

The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки

Описание

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки

Описание

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки

Описание

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:xen-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-html-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-doc-pdf-4.2.5_12-15.1
SUSE Linux Enterprise Desktop 11 SP3:xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
Ссылки
Уязвимость SUSE-SU-2015:1479-2