Lucene search
SuseSUSE-SU-2012:1615-1HistoryDec 06, 2012 - 5:08 p.m.
Security update for Xen (important)
2012-12-0617:08:57
lists.opensuse.org
25
0.001 Low
EPSS
Percentile
29.9%
This update fixes the following security issues in xen:
- CVE-2012-5510: Grant table version switch list
corruption vulnerability (XSA-26) - CVE-2012-5511: Several HVM operations do not validate
the range of their inputs (XSA-27) - CVE-2012-5512: HVMOP_get_mem_access crash /
HVMOP_set_mem_access information leak (XSA-28) - CVE-2012-5513: XENMEM_exchange may overwrite
hypervisor memory (XSA-29) - CVE-2012-5514: Missing unlock in
guest_physmap_mark_populate_on_demand() (XSA-30) - CVE-2012-5515: Several memory hypercall operations
allow invalid extent order values (XSA-31)
Also the following bugs have been fixed and upstream
patches have been applied:
- FATAL PAGE FAULT in hypervisor (arch_do_domctl)
- 25931-x86-domctl-iomem-mapping-checks.patch
- 26132-tmem-save-NULL-check.patch
- 26134-x86-shadow-invlpg-check.patch
- 26148-vcpu-timer-overflow.patch (Replaces
CVE-2012-4535-xsa20.patch) - 26149-x86-p2m-physmap-error-path.patch (Replaces
CVE-2012-4537-xsa22.patch) - 26150-x86-shadow-unhook-toplevel-check.patch
(Replaces CVE-2012-4538-xsa23.patch) - 26151-gnttab-compat-get-status-frames.patch (Replaces
CVE-2012-4539-xsa24.patch) - bnc#792476 - efi files missing in latest XEN update
References
download.novell.com/patch/finder/?keywords=d862e18d5680d7561000adc9e50779c8
bugzilla.novell.com/777628
bugzilla.novell.com/789940
bugzilla.novell.com/789944
bugzilla.novell.com/789945
bugzilla.novell.com/789948
bugzilla.novell.com/789950
bugzilla.novell.com/789951
bugzilla.novell.com/789988
bugzilla.novell.com/792476
Related
nessus
nessus
SuSE 11.2 Security Update : Xen (SAT Patch Number 7133)
2013-01-25 00:00:00
openSUSE Security Update : xen (openSUSE-SU-2012:1685-1)
2014-06-13 00:00:00
openSUSE Security Update : xen (openSUSE-SU-2012:1687-1)
2014-06-13 00:00:00
openvas
openvas
openSUSE: Security Advisory for xen (openSUSE-SU-2012:1685-1)
2013-03-11 00:00:00
SuSE Update for xen openSUSE-SU-2012:1685-1 (xen)
2013-03-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1615-1)
2021-06-09 00:00:00
suse
suse
xen to fix various denial of service issues (important)
2012-12-23 20:16:24
xen to fix various denial of service issues (important)
2012-12-23 20:08:36
xen to fix various denial of service issues (important)
2013-01-23 14:05:00
securityvulns
securityvulns
[SECURITY] [DSA 2582-1] xen security update
2012-12-09 00:00:00
xen multiple security vulnerabilities
2012-12-09 00:00:00
osv
osv
xen - denial of service
2012-12-07 00:00:00
xen - several
2013-03-03 00:00:00
debian
debian
[SECURITY] [DSA 2582-1] xen security update
2012-12-07 15:40:44
fedora
fedora
[SECURITY] Fedora 18 Update: xen-4.2.0-4.fc18
2012-11-23 07:20:59
[SECURITY] Fedora 18 Update: xen-4.2.0-6.fc18
2012-12-12 00:16:38
[SECURITY] Fedora 17 Update: xen-4.1.4-2.fc17
2013-01-23 01:28:58
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2012-12-04 00:00:00
1
2012-12-05 00:00:00
1
2013-01-22 00:00:00
redhat
redhat
(RHSA-2012:1540) Important: kernel security, bug fix, and enhancement update
2012-12-04 00:00:00
(RHSA-2013:0168) Moderate: kernel security and bug fix update
2013-01-22 00:00:00
centos
centos
kernel security update
2012-12-05 10:07:09
kernel security update
2013-01-23 11:37:33
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
xen
xen
Broken error handling in guest_physmap_mark_populate_on_demand()
2012-12-03 17:51:00
Several memory hypercall operations allow invalid extent order values
2012-12-03 17:51:00
Grant table version switch list corruption vulnerability
2012-12-03 17:51:00
prion
prion
Command injection
2012-12-13 11:53:00
Design/Logic Flaw
2012-12-13 11:53:00
Code injection
2012-11-21 23:55:00
googleprojectzero
googleprojectzero
Pandavirtualization: Exploiting the Xen hypervisor
2017-04-07 00:00:00
exploitpack
exploitpack
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout
2017-04-11 00:00:00
seebug
seebug
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00