Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2015-0744-1.NASL
HistoryMay 20, 2015 - 12:00 a.m.

SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)

2015-05-2000:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The Virtualization service XEN was updated to fix various bugs and security issues.

The following security issues have been fixed :

XSA-125: Long latency MMIO mapping operations were not preemptible.

CVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override could have, however, corrupted a pointer used subsequently to store the result of the instruction.

CVE-2015-2045: XSA-122: The code handling certain sub-operations of the HYPERVISOR_xen_version hypercall failed to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.

CVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing with certain system devices checked whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor stack contents were copied into the destination of the operation, thus becoming visible to the guest.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2015:0744-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(83717);
  script_version("2.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2013-3495", "CVE-2014-3615", "CVE-2014-5146", "CVE-2014-5149", "CVE-2014-9065", "CVE-2014-9066", "CVE-2015-0361", "CVE-2015-2044", "CVE-2015-2045", "CVE-2015-2151");
  script_bugtraq_id(61854, 69198, 69199, 69654, 71544, 71546, 71882, 72954, 72955, 73015);

  script_name(english:"SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The Virtualization service XEN was updated to fix various bugs and
security issues.

The following security issues have been fixed :

XSA-125: Long latency MMIO mapping operations were not preemptible.

CVE-2015-2151: XSA-123: Instructions with register operands ignored
eventual segment overrides encoded for them. Due to an insufficiently
conditional assignment such a bogus segment override could have,
however, corrupted a pointer used subsequently to store the result of
the instruction.

CVE-2015-2045: XSA-122: The code handling certain sub-operations of
the HYPERVISOR_xen_version hypercall failed to fully initialize all
fields of structures subsequently copied back to guest memory. Due to
this hypervisor stack contents were copied into the destination of the
operation, thus becoming visible to the guest.

CVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing
with certain system devices checked whether the access size by the
guest is a supported one. When the access size is unsupported these
routines failed to set the data to be returned to the guest for read
accesses, so that hypervisor stack contents were copied into the
destination of the operation, thus becoming visible to the guest.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://www.suse.com/support/update/announcement/2015/suse-su-20150744-1.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c1ee6152"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected Xen packages");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-doc-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-doc-pdf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-doc-ps");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-bigsmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-kdump");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-kdumppae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-smp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-vmi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-vmipae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-domU");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-ioemu");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/04/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES10)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES10", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "i386|i486|i586|i686|x86_64") audit(AUDIT_ARCH_NOT, "i386 / i486 / i586 / i686 / x86_64", cpu);


sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES10" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES10 SP4", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-devel-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-doc-html-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-doc-pdf-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-doc-ps-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-libs-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-tools-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-tools-domU-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-tools-ioemu-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-libs-32bit-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-devel-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-doc-html-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-doc-pdf-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-doc-ps-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-libs-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-tools-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-tools-domU-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-tools-ioemu-3.2.3_17040_46-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", cpu:"i586", reference:"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.36-0.13.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Xen");
}
VendorProductVersionCPE
novellsuse_linuxxenp-cpe:/a:novell:suse_linux:xen
novellsuse_linuxxen-develp-cpe:/a:novell:suse_linux:xen-devel
novellsuse_linuxxen-doc-htmlp-cpe:/a:novell:suse_linux:xen-doc-html
novellsuse_linuxxen-doc-pdfp-cpe:/a:novell:suse_linux:xen-doc-pdf
novellsuse_linuxxen-doc-psp-cpe:/a:novell:suse_linux:xen-doc-ps
novellsuse_linuxxen-kmp-bigsmpp-cpe:/a:novell:suse_linux:xen-kmp-bigsmp
novellsuse_linuxxen-kmp-debugp-cpe:/a:novell:suse_linux:xen-kmp-debug
novellsuse_linuxxen-kmp-defaultp-cpe:/a:novell:suse_linux:xen-kmp-default
novellsuse_linuxxen-kmp-kdumpp-cpe:/a:novell:suse_linux:xen-kmp-kdump
novellsuse_linuxxen-kmp-kdumppaep-cpe:/a:novell:suse_linux:xen-kmp-kdumppae
Rows per page:
1-10 of 181

Related

openvas 46
suse 6
nessus 47
citrix 1
securityvulns 3
osv 1
debian 2
cve 10
prion 10
cvelist 10
xen 7
debiancve 10
ubuntucve 10
gentoo 2
huawei 1
fedora 19
freebsd 3
oraclelinux 3
redhat 4
centos 2
veracode 1
ubuntu 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0744-1)
2021-06-09 00:00:00
SUSE: Security Advisory for Xen (SUSE-SU-2015:0613-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0613-1)
2021-04-19 00:00:00
suse
suse
Security update for Xen (important)
2015-03-27 10:04:56
Security update for xen (important)
2015-02-06 11:05:09
Security update for xen (important)
2015-02-11 15:05:20
nessus
nessus
SUSE SLED12 / SLES12 Security Update : Xen (SUSE-SU-2015:0613-1)
2015-05-20 00:00:00
Debian DSA-3181-1 : xen - security update
2015-03-11 00:00:00
Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)
2015-03-25 00:00:00
citrix
citrix
Citrix XenServer Multiple Security Updates
2015-03-02 04:00:00
securityvulns
securityvulns
Xen multiple security vulnerabilities
2015-03-15 00:00:00
[SECURITY] [DSA 3181-1] xen security update
2015-03-15 00:00:00
[SECURITY] [DSA 3045-1] qemu security update
2014-10-13 00:00:00
osv
osv
xen - security update
2015-03-10 00:00:00
debian
debian
[SECURITY] [DSA 3181-1] xen security update
2015-03-10 20:40:36
[SECURITY] [DSA 3045-1] qemu security update
2014-10-04 19:28:01
cve
cve
CVE-2014-9066
2014-12-09 23:59:00
CVE-2014-9065
2014-12-09 23:59:00
CVE-2014-5146
2014-08-22 14:55:00
prion
prion
Code injection
2014-12-09 23:59:00
Code injection
2014-12-09 23:59:00
Design/Logic Flaw
2014-08-22 14:55:00
cvelist
cvelist
CVE-2014-9065
2014-12-09 22:52:00
CVE-2014-9066
2014-12-09 22:52:00
CVE-2014-5149
2014-08-22 14:00:00
xen
xen
p2m lock starvation
2014-12-08 12:00:00
Long latency virtual-mmu operations are not preemptible
2014-08-12 12:00:00
Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts
2013-08-20 12:00:00
debiancve
debiancve
CVE-2014-9065
2014-12-09 23:59:00
CVE-2014-9066
2014-12-09 23:59:00
CVE-2014-5149
2014-08-22 14:55:00
ubuntucve
ubuntucve
CVE-2014-9065
2014-12-09 00:00:00
CVE-2014-9066
2014-12-09 00:00:00
CVE-2014-5146
2014-08-22 00:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2015-04-11 00:00:00
QEMU: Multiple Vulnerabilities
2014-12-08 00:00:00
huawei
huawei
Security Advisory - Xen Vulnerabilities on Huawei FusionSphere products
2015-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21
2015-03-23 07:10:24
[SECURITY] Fedora 21 Update: xen-4.4.2-2.fc21
2015-04-11 09:04:58
[SECURITY] Fedora 21 Update: xen-4.4.2-3.fc21
2015-05-02 18:04:27
freebsd
freebsd
xen-kernel -- Information leak through version information hypercall
2015-03-05 00:00:00
xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw
2015-03-10 00:00:00
xen-kernel -- Information leak via internal x86 system device emulation
2015-03-05 00:00:00
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2014-10-20 00:00:00
kernel security update
2016-03-16 00:00:00
kernel security update
2016-03-15 00:00:00
redhat
redhat
(RHSA-2014:1669) Low: qemu-kvm security and bug fix update
2014-10-20 00:00:00
(RHSA-2014:1941) Low: qemu-kvm-rhev security update
2014-12-02 16:46:30
(RHSA-2014:1670) Low: qemu-kvm-rhev security and bug fix update
2014-10-20 00:00:00
centos
centos
libcacard, qemu security update
2014-10-21 17:21:12
kernel security update
2016-03-16 14:17:08
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:27:32
ubuntu
ubuntu
QEMU vulnerabilities
2014-11-13 00:00:00
JSON
Related for SUSE_SU-2015-0744-1.NASL
openvas46suse6nessus47citrix1securityvulns3osv1debian2cve10prion10cvelist10xen7debiancve10ubuntucve10gentoo2huawei1fedora19freebsd3oraclelinux3redhat4centos2veracode1ubuntu1