Lucene search
SuseOPENSUSE-SU-2014:1281-1HistoryOct 09, 2014 - 1:09 p.m.
xen: security and bugfix update (important)
2014-10-0913:09:07
lists.opensuse.org
10
0.055 Low
EPSS
Percentile
92.4%
XEN was updated to fix security issues and bugs.
Security issues fixed:
- bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC
emulation - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in
x86 emulation of software interrupts - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in
x86 HLT, LGDT, LIDT, and LMSW emulation - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in
HVMOP_track_dirty_vram - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid
state load - bnc#875668 - CVE-2014-3124: XSA-92: HVMOP_set_mem_type allows invalid
P2M entries to be created - bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Xen: Vulnerabilities
in HVM MSI injection - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to
guests - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer
overflow
Other bugs fixed:
- bnc#896023 - Adjust xentop column layout
- bnc#820873 - The "long" option doesn’t work with "xl list"
- bnc#882127 - Xen kernel panics on booting SLES12 Beta 8
- bnc#865682 - Local attach support for PHY backends using scripts
- bnc#798770 - Improve multipath support for npiv devices
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 13.1 | i586 | xen-tools-domu | < 4.3.2_02-27.1 | xen-tools-domU-4.3.2_02-27.1.i586.rpm |
| openSUSE | 13.1 | x86_64 | xen-tools-domu | < 4.3.2_02-27.1 | xen-tools-domU-4.3.2_02-27.1.x86_64.rpm |
| openSUSE | 13.1 | i586 | xen-debugsource | < 4.3.2_02-27.1 | xen-debugsource-4.3.2_02-27.1.i586.rpm |
| openSUSE | 13.1 | i586 | xen-kmp-desktop | < 4.3.2_02_k3.11.10_21-27.1 | xen-kmp-desktop-4.3.2_02_k3.11.10_21-27.1.i586.rpm |
| openSUSE | 13.1 | i586 | xen-libs | < 4.3.2_02-27.1 | xen-libs-4.3.2_02-27.1.i586.rpm |
| openSUSE | 13.1 | x86_64 | xen-debugsource | < 4.3.2_02-27.1 | xen-debugsource-4.3.2_02-27.1.x86_64.rpm |
| openSUSE | 13.1 | i586 | xen-kmp-pae | < 4.3.2_02_k3.11.10_21-27.1 | xen-kmp-pae-4.3.2_02_k3.11.10_21-27.1.i586.rpm |
| openSUSE | 13.1 | x86_64 | xen-kmp-desktop | < 4.3.2_02_k3.11.10_21-27.1 | xen-kmp-desktop-4.3.2_02_k3.11.10_21-27.1.x86_64.rpm |
| openSUSE | 13.1 | x86_64 | xen-devel | < 4.3.2_02-27.1 | xen-devel-4.3.2_02-27.1.x86_64.rpm |
| openSUSE | 13.1 | x86_64 | xen-tools-domu-debuginfo | < 4.3.2_02-27.1 | xen-tools-domU-debuginfo-4.3.2_02-27.1.x86_64.rpm |
References
bugzilla.suse.com/show_bug.cgi?id=798770
bugzilla.suse.com/show_bug.cgi?id=820873
bugzilla.suse.com/show_bug.cgi?id=842006
bugzilla.suse.com/show_bug.cgi?id=864801
bugzilla.suse.com/show_bug.cgi?id=865682
bugzilla.suse.com/show_bug.cgi?id=875668
bugzilla.suse.com/show_bug.cgi?id=878841
bugzilla.suse.com/show_bug.cgi?id=880751
bugzilla.suse.com/show_bug.cgi?id=882127
bugzilla.suse.com/show_bug.cgi?id=895798
bugzilla.suse.com/show_bug.cgi?id=895799
bugzilla.suse.com/show_bug.cgi?id=895802
bugzilla.suse.com/show_bug.cgi?id=896023
bugzilla.suse.com/show_bug.cgi?id=897657
Related
openvas
openvas
openSUSE: Security Advisory for xen (openSUSE-SU-2014:1281-1)
2014-10-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1318-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for xen (openSUSE-SU-2014:1279-1)
2014-10-10 00:00:00
nessus
nessus
openSUSE Security Update : xen (openSUSE-SU-2014:1281-1)
2014-10-10 00:00:00
openSUSE Security Update : xen (openSUSE-SU-2014:1279-1)
2014-10-10 00:00:00
SuSE 11.3 Security Update : Xen (SAT Patch Number 9828)
2014-10-23 00:00:00
suse
suse
xen: security and bugfix update (important)
2014-10-09 13:04:44
Security update for kvm (important)
2014-05-08 19:04:16
gentoo
gentoo
Xen: Denial of service
2014-12-26 00:00:00
Xen: Multiple vulnerabilities
2015-04-11 00:00:00
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00
securityvulns
securityvulns
Xen multiple security vulnerabilities
2014-10-14 00:00:00
[SECURITY] [DSA 3041-1] xen security update
2014-10-14 00:00:00
debian
debian
[SECURITY] [DSA 3041-1] xen security update
2014-10-01 12:22:02
[SECURITY] [DSA 2932-1] qemu security update
2014-05-19 09:47:59
[SECURITY] [DSA 2933-1] qemu-kvm security update
2014-05-19 13:21:10
osv
osv
xen - security update
2014-10-01 00:00:00
qemu - security update
2014-05-19 00:00:00
qemu-kvm - security update
2014-05-19 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-4.fc21
2014-09-29 03:54:01
[SECURITY] Fedora 20 Update: xen-4.3.3-3.fc20
2014-10-11 06:54:26
[SECURITY] Fedora 20 Update: xen-4.3.3-5.fc20
2014-12-01 19:01:23
xen
xen
Vulnerabilities in HVM MSI injection
2014-06-03 12:00:00
Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
2014-09-23 12:00:00
Race condition in HVMOP_track_dirty_vram
2014-09-23 12:00:00
prion
prion
Race condition
2014-10-02 14:55:00
Information disclosure
2014-10-02 14:55:00
Design/Logic Flaw
2014-10-02 14:55:00
cve
cve
debiancve
debiancve
ubuntucve
ubuntucve
mageia
mageia
Updated qemu package fixes security vulnerability
2013-11-22 22:49:20
redhat
redhat
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2013-11-21 00:00:00
kernel security and bug fix update
2014-07-25 00:00:00
kernel security and bug fix update
2014-07-24 00:00:00
centos
centos
qemu security update
2013-11-26 13:32:44
kernel security update
2014-07-25 03:04:41
veracode
veracode
Authorization Bypass
2019-01-15 08:51:30
ubuntu
ubuntu
QEMU vulnerabilities
2014-01-30 00:00:00