Security update for Xen

SUSE Security Update: Security update for Xen
Announcement ID: SUSE-SU-2016:0658-1
Rating: important
References: #877642 #932267 #944463 #950706 #953527 #954405 #956408 #956411 #957988 #958009 #958493 #958523 #962360
Affected Products:
  • SUSE Linux Enterprise Server 10 SP4 LTSS

An update that fixes 13 vulnerabilities is now available.

    Description:

    Xen was updated to fix the following vulnerabilities:

    • CVE-2014-0222: Qcow1 L2 table size integer overflows (bsc#877642)
    • CVE-2015-4037: Insecure temporary file use in /net/slirp.c (bsc#932267)
    • CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463)
    • CVE-2015-7504: Heap buffer overflow vulnerability in pcnet emulator (XSA-162, bsc#956411)
    • CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (XSA-152, bsc#950706)
    • CVE-2015-8104: Guest to host DoS by triggering an infinite loop in microcode via #DB exception (bsc#954405)
    • CVE-2015-5307: Guest to host DoS by intercepting #AC (XSA-156, bsc#953527)
    • CVE-2015-8339: XENMEM_exchange error handling issues (XSA-159, bsc#956408)
    • CVE-2015-8340: XENMEM_exchange error handling issues (XSA-159, bsc#956408)
    • CVE-2015-7512: Buffer overflow in pcnet's non-loopback mode (bsc#962360)
    • CVE-2015-8550: Paravirtualized drivers incautious about shared memory contents (XSA-155, bsc#957988)
    • CVE-2015-8504: Avoid floating point exception in vnc support (bsc#958493)
    • CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165, bsc#958009)
    • Ioreq handling possibly susceptible to multiple read issue (XSA-166, bsc#958523)

    Special Instructions and Notes:

    Please reboot the system after installing this update.

    Package List:

    • SUSE Linux Enterprise Server 10 SP4 LTSS (i586 x86_64):
      • xen-3.2.3_17040_46-0.23.2
      • xen-devel-3.2.3_17040_46-0.23.2
      • xen-doc-html-3.2.3_17040_46-0.23.2
      • xen-doc-pdf-3.2.3_17040_46-0.23.2
      • xen-doc-ps-3.2.3_17040_46-0.23.2
      • xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-libs-3.2.3_17040_46-0.23.2
      • xen-tools-3.2.3_17040_46-0.23.2
      • xen-tools-domU-3.2.3_17040_46-0.23.2
      • xen-tools-ioemu-3.2.3_17040_46-0.23.2
    • SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64):
      • xen-libs-32bit-3.2.3_17040_46-0.23.2
    • SUSE Linux Enterprise Server 10 SP4 LTSS (i586):
      • xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
      • xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2
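
Added check, not part of this advisory or of SUSE's tooling: a POSIX shell script that compares the installed xen* packages on a SLES 10 SP4 host against the fixed versions listed above. It assumes rpm is available on the host; the version comparison is a simplified numeric-segment compare (labelled as such in the code), not rpm's own rpmvercmp.

```shell
#!/bin/sh
# Added example, not part of the SUSE advisory: check that the Xen packages on
# a SLES 10 SP4 host are at or above the versions in SUSE-SU-2016:0658-1.
# Only check_host needs rpm; the comparison itself is plain sh + awk.

FIXED_XEN="3.2.3_17040_46-0.23.2"                    # xen, xen-libs, xen-tools, ...
FIXED_KMP="3.2.3_17040_46_2.6.16.60_0.132.6-0.23.2"  # xen-kmp-* packages

# vercmp A B: prints -1, 0 or 1 as A is below, equal to, or above B. Splits on
# runs of non-digits and compares numeric segments in order (missing = 0).
# Assumption: enough for this advisory's all-numeric VERSION-RELEASE strings;
# it is not a full rpmvercmp (no alphabetic segments, no epoch handling).
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[^0-9]+/); nb = split(b, y, /[^0-9]+/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0; q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) { print "-1"; exit }
            if (p > q) { print "1"; exit }
        }
        print "0"
    }'
}

# is_fixed INSTALLED FIXED: exit status 0 when INSTALLED >= FIXED.
is_fixed() { [ "$(vercmp "$1" "$2")" -ge 0 ]; }
# check_host: list installed xen* packages with rpm, print OK/OLD per package
# against the advisory's fixed versions; returns 1 if any package is outdated.
# The here-document keeps the loop in the current shell so rc survives.
check_host() {
    rc=0
    while read -r name vr; do
        [ -n "$name" ] || continue
        case "$name" in
            xen-kmp-*)                                    want="$FIXED_KMP" ;;
            xen|xen-devel|xen-doc-*|xen-libs*|xen-tools*) want="$FIXED_XEN" ;;
            *) continue ;;
        esac
        if is_fixed "$vr" "$want"; then echo "OK   $name $vr"
        else echo "OLD  $name $vr (needs $want)"; rc=1; fi
    done <<EOF
$(rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'xen*' 2>/dev/null)
EOF
    [ "$rc" -eq 0 ] || echo "Update, then reboot: the advisory requires a reboot."
    return "$rc"
}

if [ "${1:-}" = "check" ]; then check_host; fi
```

Run as `sh check-xen.sh check` on the host; a non-zero exit means at least one listed package is still below the fixed version.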
