Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:1058-1

Опубликовано: 19 апр. 2017
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following security issues:

  • CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).
  • CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570).
  • CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1
xen-libs-4.2.5_21-38.1
xen-tools-domU-4.2.5_21-38.1
SUSE Linux Enterprise Server 11 SP3-LTSS
xen-4.2.5_21-38.1
xen-doc-html-4.2.5_21-38.1
xen-doc-pdf-4.2.5_21-38.1
xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1
xen-libs-4.2.5_21-38.1
xen-libs-32bit-4.2.5_21-38.1
xen-tools-4.2.5_21-38.1
xen-tools-domU-4.2.5_21-38.1
SUSE Manager 2.1
xen-4.2.5_21-38.1
xen-doc-html-4.2.5_21-38.1
xen-doc-pdf-4.2.5_21-38.1
xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
xen-libs-4.2.5_21-38.1
xen-libs-32bit-4.2.5_21-38.1
xen-tools-4.2.5_21-38.1
xen-tools-domU-4.2.5_21-38.1
SUSE Manager Proxy 2.1
xen-4.2.5_21-38.1
xen-doc-html-4.2.5_21-38.1
xen-doc-pdf-4.2.5_21-38.1
xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
xen-libs-4.2.5_21-38.1
xen-libs-32bit-4.2.5_21-38.1
xen-tools-4.2.5_21-38.1
xen-tools-domU-4.2.5_21-38.1
SUSE OpenStack Cloud 5
xen-4.2.5_21-38.1
xen-doc-html-4.2.5_21-38.1
xen-doc-pdf-4.2.5_21-38.1
xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
xen-libs-4.2.5_21-38.1
xen-libs-32bit-4.2.5_21-38.1
xen-tools-4.2.5_21-38.1
xen-tools-domU-4.2.5_21-38.1

Ссылки

Описание

Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1
Ссылки

Описание

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1
Ссылки

Описание

An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1
SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1
Ссылки