Security update for xen (important)

2017-09-2112:08:39

lists.opensuse.org

0.001 Low

EPSS

Percentile

25.2%

JSON

This update for xen fixes several issues.

These security issues were fixed:

CVE-2017-14316: Missing bound check in function alloc_heap_pages for
an internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
CVE-2017-14318: The function __gnttab_cache_flush missed a check for
grant tables, allowing a malicious guest to crash the host or for x86 PV
guests to potentially escalate privileges (XSA-232, bsc#1056280)
CVE-2017-14317: A race in cxenstored may have cause a double-free
allowind for DoS of the xenstored daemon (XSA-233, bsc#1056281).
CVE-2017-14319: An error while handling grant mappings allowed malicious
or buggy x86 PV guest to escalate its privileges or crash the hypervisor
(XSA-234, bsc#1056282).

These non-security issues were fixed:

bsc#1055695: Fixed restoring updates for HVM guests for ballooned domUs

This update was imported from the SUSE:SLE-12-SP2:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.2i586xen-libs< 4.7.3_04-11.15.1xen-libs-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap42.2x86_64xen-doc-html< 4.7.3_04-11.15.1xen-doc-html-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-libs< 4.7.3_04-11.15.1xen-libs-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-libs-debuginfo-32bit< 4.7.3_04-11.15.1xen-libs-debuginfo-32bit-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap42.2x86_64xen-libs-debuginfo< 4.7.3_04-11.15.1xen-libs-debuginfo-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap42.2i586xen-tools-domu< 4.7.3_04-11.15.1xen-tools-domU-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap42.2i586xen-tools-domu-debuginfo< 4.7.3_04-11.15.1xen-tools-domU-debuginfo-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap42.2i586xen-debugsource< 4.7.3_04-11.15.1xen-debugsource-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap42.2i586xen-devel< 4.7.3_04-11.15.1xen-devel-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap42.2x86_64xen-tools-debuginfo< 4.7.3_04-11.15.1xen-tools-debuginfo-4.7.3_04-11.15.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	42.2	i586	xen-libs	< 4.7.3_04-11.15.1	xen-libs-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap	42.2	x86_64	xen-doc-html	< 4.7.3_04-11.15.1	xen-doc-html-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap	42.2	x86_64	xen-libs	< 4.7.3_04-11.15.1	xen-libs-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap	42.2	x86_64	xen-libs-debuginfo-32bit	< 4.7.3_04-11.15.1	xen-libs-debuginfo-32bit-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap	42.2	x86_64	xen-libs-debuginfo	< 4.7.3_04-11.15.1	xen-libs-debuginfo-4.7.3_04-11.15.1.x86_64.rpm
openSUSE Leap	42.2	i586	xen-tools-domu	< 4.7.3_04-11.15.1	xen-tools-domU-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap	42.2	i586	xen-tools-domu-debuginfo	< 4.7.3_04-11.15.1	xen-tools-domU-debuginfo-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap	42.2	i586	xen-debugsource	< 4.7.3_04-11.15.1	xen-debugsource-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap	42.2	i586	xen-devel	< 4.7.3_04-11.15.1	xen-devel-4.7.3_04-11.15.1.i586.rpm
openSUSE Leap	42.2	x86_64	xen-tools-debuginfo	< 4.7.3_04-11.15.1	xen-tools-debuginfo-4.7.3_04-11.15.1.x86_64.rpm