Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2017:1078-1
HistoryApr 20, 2017 - 3:13 p.m.

Security update for xen (important)

2017-04-2015:13:55
lists.opensuse.org
26

0.001 Low

EPSS

Percentile

41.2%

JSON

This update for xen to version 4.7.2 fixes the following issues:

These security issues were fixed:

  • CVE-2017-7228: Broken check in memory_exchange() permited PV guest
    breakout (bsc#1030442).
  • XSA-206: Unprivileged guests issuing writes to xenstore were able to
    stall progress of the control domain or driver domain, possibly leading
    to a Denial of Service (DoS) of the entire host (bsc#1030144).
  • CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c
    allowed local guest OS users to cause a denial of service (infinite
    loop) via vectors involving the number of link endpoint list descriptors
    (bsc#1028235).

These non-security issues were fixed:

  • bsc#1015348: libvirtd didn’t not start during boot
  • bsc#1014136: kdump couldn’t dump a kernel on SLES12-SP2 with Xen
    hypervisor.
  • bsc#1026236: Fixed paravirtualized performance
  • bsc#1022555: Timeout in "execution of /etc/xen/scripts/block add"
  • bsc#1029827: Forward port xenstored
  • bsc#1029128: Make xen to really produce xen.efi with gcc48

This update was imported from the SUSE:SLE-12-SP2:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.2i586xen-debugsource<Β 4.7.2_02-11.3.1xen-debugsource-4.7.2_02-11.3.1.i586.rpm
openSUSE Leap42.2x86_64xen-devel<Β 4.7.2_02-11.3.1xen-devel-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-doc-html<Β 4.7.2_02-11.3.1xen-doc-html-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-libs-debuginfo-32bit<Β 4.7.2_02-11.3.1xen-libs-debuginfo-32bit-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-tools-domu-debuginfo<Β 4.7.2_02-11.3.1xen-tools-domU-debuginfo-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-libs<Β 4.7.2_02-11.3.1xen-libs-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2i586xen-devel<Β 4.7.2_02-11.3.1xen-devel-4.7.2_02-11.3.1.i586.rpm
openSUSE Leap42.2x86_64xen-libs-debuginfo<Β 4.7.2_02-11.3.1xen-libs-debuginfo-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-tools<Β 4.7.2_02-11.3.1xen-tools-4.7.2_02-11.3.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-debugsource<Β 4.7.2_02-11.3.1xen-debugsource-4.7.2_02-11.3.1.x86_64.rpm
Rows per page:
1-10 of 181

Related

suse 11
openvas 31
nessus 38
zdt 1
prion 3
debiancve 3
cve 3
freebsd 1
ubuntucve 3
xen 1
veracode 2
osv 8
redhatcve 3
debian 5
citrix 1
fedora 5
seebug 1
alpinelinux 1
gentoo 1
ubuntu 2
suse
suse
Security update for xen (important)
2017-04-11 21:08:43
Security update for xen (important)
2017-04-19 15:06:52
Security update for xen (important)
2017-04-20 21:08:54
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0983-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for xen (openSUSE-SU-2017:1078-1)
2017-04-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1058-1)
2021-06-09 00:00:00
nessus
nessus
openSUSE Security Update : xen (openSUSE-2017-492)
2017-04-21 00:00:00
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:0983-1)
2017-04-12 00:00:00
SUSE SLES11 Security Update : xen (SUSE-SU-2017:1058-1)
2017-04-20 00:00:00
zdt
zdt
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout Vulnerability
2017-04-12 00:00:00
prion
prion
Input validation
2017-04-04 14:59:00
Code injection
2017-06-08 16:29:00
Design/Logic Flaw
2017-03-15 14:59:00
debiancve
debiancve
CVE-2017-7228
2017-04-04 14:59:00
CVE-2017-9330
2017-06-08 16:29:00
CVE-2017-6505
2017-03-15 14:59:00
cve
cve
CVE-2017-7228
2017-04-04 14:59:00
CVE-2017-9330
2017-06-08 16:29:00
CVE-2017-6505
2017-03-15 14:59:00
freebsd
freebsd
xen-kernel -- broken check in memory_exchange() permits PV guest breakout
2017-04-04 00:00:00
ubuntucve
ubuntucve
CVE-2017-7228
2017-04-04 00:00:00
CVE-2017-6505
2017-03-15 00:00:00
CVE-2017-9330
2017-06-08 00:00:00
xen
xen
x86: broken check in memory_exchange() permits PV guest breakout
2017-04-04 12:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:34:50
Denial Of Service (DoS)
2020-09-21 06:38:55
osv
osv
xen - security update
2017-04-21 00:00:00
CVE-2017-7228
2017-04-04 14:59:00
CVE-2017-6505
2017-03-15 14:59:01
redhatcve
redhatcve
CVE-2017-7228
2017-04-04 14:27:07
CVE-2017-6505
2017-03-06 18:21:25
CVE-2017-9330
2017-06-01 07:49:09
debian
debian
[SECURITY] [DLA 907-1] xen security update
2017-04-21 21:01:36
[SECURITY] [DSA 3847-1] xen security update
2017-05-09 20:52:42
[SECURITY] [DLA 1070-1] qemu security update
2017-08-28 08:01:19
citrix
citrix
Citrix XenServer Multiple Security Updates
2017-04-05 04:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: xen-4.7.2-5.fc25
2017-04-09 02:57:00
[SECURITY] Fedora 24 Update: xen-4.6.5-5.fc24
2017-04-14 22:20:07
[SECURITY] Fedora 25 Update: xen-4.7.2-2.fc25
2017-03-21 03:23:43
seebug
seebug
Xen: broken check in memory_exchange() permits PV guest breakout(CVE-2017-7228οΌ‰
2017-04-09 00:00:00
alpinelinux
alpinelinux
CVE-2017-6505
2017-03-15 14:59:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2017-04-10 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2017-04-25 00:00:00
QEMU vulnerabilities
2017-04-20 00:00:00

0.001 Low

EPSS

Percentile

41.2%

JSON
Related for OPENSUSE-SU-2017:1078-1
suse11openvas31nessus38zdt1prion3debiancve3cve3freebsd1ubuntucve3xen1veracode2osv8redhatcve3debian5citrix1fedora5seebug1alpinelinux1gentoo1ubuntu2