Security update for xen
Announcement ID: | SUSE-SU-2015:2328-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves 13 vulnerabilities can now be installed.
Description:
This update fixes the following security issues:
-
bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list
-
bsc#956592 - xen: virtual PMU is unsupported (XSA-163)
-
bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159)
-
bsc#956409 - CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160)
-
bsc#956411 - CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162)
-
bsc#947165 - CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142)
-
bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception
-
bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) CVE-2015-5307-xsa156.patch
-
bsc#950704 - CVE-2015-7970: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
-
bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153) xsa153-libxl.patch xend-xsa153.patch
-
Drop 5604f239-x86-PV-properly-populate-descriptor-tables.patch
-
bsc#950703 - CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149)
- bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151)
- bsc#950706 - CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Desktop 12
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-1000=1
-
SUSE Linux Enterprise Software Development Kit 12
zypper in -t patch SUSE-SLE-SDK-12-2015-1000=1
-
SUSE Linux Enterprise Server 12
zypper in -t patch SUSE-SLE-SERVER-12-2015-1000=1
-
SUSE Linux Enterprise Server for SAP Applications 12
zypper in -t patch SUSE-SLE-SERVER-12-2015-1000=1
Package List:
-
SUSE Linux Enterprise Desktop 12 (x86_64)
- xen-4.4.3_06-22.15.1
- xen-libs-4.4.3_06-22.15.1
- xen-libs-debuginfo-4.4.3_06-22.15.1
- xen-kmp-default-debuginfo-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-libs-debuginfo-32bit-4.4.3_06-22.15.1
- xen-libs-32bit-4.4.3_06-22.15.1
- xen-kmp-default-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-debugsource-4.4.3_06-22.15.1
-
SUSE Linux Enterprise Software Development Kit 12 (x86_64)
- xen-devel-4.4.3_06-22.15.1
- xen-debugsource-4.4.3_06-22.15.1
-
SUSE Linux Enterprise Server 12 (x86_64)
- xen-4.4.3_06-22.15.1
- xen-libs-4.4.3_06-22.15.1
- xen-tools-domU-4.4.3_06-22.15.1
- xen-tools-4.4.3_06-22.15.1
- xen-libs-debuginfo-4.4.3_06-22.15.1
- xen-kmp-default-debuginfo-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-libs-debuginfo-32bit-4.4.3_06-22.15.1
- xen-doc-html-4.4.3_06-22.15.1
- xen-tools-debuginfo-4.4.3_06-22.15.1
- xen-tools-domU-debuginfo-4.4.3_06-22.15.1
- xen-libs-32bit-4.4.3_06-22.15.1
- xen-kmp-default-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-debugsource-4.4.3_06-22.15.1
-
SUSE Linux Enterprise Server for SAP Applications 12 (x86_64)
- xen-4.4.3_06-22.15.1
- xen-libs-4.4.3_06-22.15.1
- xen-tools-domU-4.4.3_06-22.15.1
- xen-tools-4.4.3_06-22.15.1
- xen-libs-debuginfo-4.4.3_06-22.15.1
- xen-kmp-default-debuginfo-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-libs-debuginfo-32bit-4.4.3_06-22.15.1
- xen-doc-html-4.4.3_06-22.15.1
- xen-tools-debuginfo-4.4.3_06-22.15.1
- xen-tools-domU-debuginfo-4.4.3_06-22.15.1
- xen-libs-32bit-4.4.3_06-22.15.1
- xen-kmp-default-4.4.3_06_k3.12.48_52.27-22.15.1
- xen-debugsource-4.4.3_06-22.15.1
References:
- https://www.suse.com/security/cve/CVE-2015-5307.html
- https://www.suse.com/security/cve/CVE-2015-7311.html
- https://www.suse.com/security/cve/CVE-2015-7504.html
- https://www.suse.com/security/cve/CVE-2015-7835.html
- https://www.suse.com/security/cve/CVE-2015-7969.html
- https://www.suse.com/security/cve/CVE-2015-7970.html
- https://www.suse.com/security/cve/CVE-2015-7971.html
- https://www.suse.com/security/cve/CVE-2015-7972.html
- https://www.suse.com/security/cve/CVE-2015-8104.html
- https://www.suse.com/security/cve/CVE-2015-8339.html
- https://www.suse.com/security/cve/CVE-2015-8340.html
- https://www.suse.com/security/cve/CVE-2015-8341.html
- https://www.suse.com/security/cve/CVE-2015-8345.html
- https://bugzilla.suse.com/show_bug.cgi?id=947165
- https://bugzilla.suse.com/show_bug.cgi?id=950703
- https://bugzilla.suse.com/show_bug.cgi?id=950704
- https://bugzilla.suse.com/show_bug.cgi?id=950705
- https://bugzilla.suse.com/show_bug.cgi?id=950706
- https://bugzilla.suse.com/show_bug.cgi?id=951845
- https://bugzilla.suse.com/show_bug.cgi?id=954018
- https://bugzilla.suse.com/show_bug.cgi?id=954405
- https://bugzilla.suse.com/show_bug.cgi?id=956408
- https://bugzilla.suse.com/show_bug.cgi?id=956409
- https://bugzilla.suse.com/show_bug.cgi?id=956411
- https://bugzilla.suse.com/show_bug.cgi?id=956592
- https://bugzilla.suse.com/show_bug.cgi?id=956832