Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2015:0022-1
HistoryJan 09, 2015 - 12:04 p.m.

Security update for xen (important)

2015-01-0912:04:44
lists.opensuse.org
16

0.007 Low

EPSS

Percentile

77.4%

JSON

xen was updated to fix nine security issues.

These security issues were fixed:

  • Guest affectable page reference leak in MMU_MACHPHYS_UPDATE handling
    (CVE-2014-9030).
  • Insufficient bounding of "REP MOVS" to MMIO emulated inside the
    hypervisor (CVE-2014-8867).
  • Excessive checking in compatibility mode hypercall argument translation
    (CVE-2014-8866).
  • Guest user mode triggerable VM exits not handled by hypervisor
    (bnc#9038500).
  • Missing privilege level checks in x86 emulation of far branches
    (CVE-2014-8595).
  • Insufficient restrictions on certain MMU update hypercalls
    (CVE-2014-8594).
  • Long latency virtual-mmu operations are not preemptible (CVE-2014-5146,
    CVE-2014-5149).
  • Intel VT-d Interrupt Remapping engines can be evaded by native NMI
    interrupts (CVE-2013-3495).

These non-security issues were fixed:

  • Corrupted save/restore test leaves orphaned data in xenstore
    (bnc#903357).
  • Temporary migration name is not cleaned up after migration (bnc#903359).
  • Xen save/restore of HVM guests cuts off disk and networking
    (bnc#866902).
  • increase limit domUloader to 32MB (bnc#901317).
  • XEN Host crashes when assigning non-VF device (SR-IOV) to guest
    (bnc#898772).
  • Windows 2012 R2 fails to boot up with greater than 60 vcpus (bnc#882089).
  • Restrict requires on grub2-x86_64-xen to x86_64 hosts
  • Change default dump directory (bsc#900292).
  • Update xen2libvirt.py to better detect and handle file formats
  • libxc: check return values on mmap() and madvise() on
    xc_alloc_hypercall_buffer() (bnc#897906).
  • Bug xen-tools uninstallable; grub2-x86_64-xen dependency not available
    (bnc#897614).
  • Adjust xentop column layout (bnc#896023).
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server12x86_64xen-doc-html< 4.4.1_08-5.2xen-doc-html-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Desktop12x86_64xen-debugsource< 4.4.1_08-5.2xen-debugsource-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Server12x86_64xen-libs-debuginfo< 4.4.1_08-5.2xen-libs-debuginfo-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Server12x86_64xen< 4.4.1_08-5.2xen-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Desktop12x86_64xen-kmp-default< 4.4.1_08_k3.12.28_4-5.2xen-kmp-default-4.4.1_08_k3.12.28_4-5.2.x86_64.rpm
SUSE Linux Enterprise Server12x86_64xen-tools-debuginfo< 4.4.1_08-5.2xen-tools-debuginfo-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Desktop12x86_64xen-libs-32bit< 4.4.1_08-5.2xen-libs-32bit-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Desktop12x86_64xen-libs-debuginfo-32bit< 4.4.1_08-5.2xen-libs-debuginfo-32bit-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Server12x86_64xen-tools< 4.4.1_08-5.2xen-tools-4.4.1_08-5.2.x86_64.rpm
SUSE Linux Enterprise Server12x86_64xen-kmp-default< 4.4.1_08_k3.12.28_4-5.2xen-kmp-default-4.4.1_08_k3.12.28_4-5.2.x86_64.rpm
Rows per page:
1-10 of 231

Related

openvas 41
osv 1
nessus 28
debian 1
securityvulns 2
suse 2
fedora 24
prion 8
ubuntucve 8
debiancve 8
cve 8
xen 7
gentoo 1
oraclelinux 2
redhat 1
veracode 1
centos 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0022-1)
2021-04-19 00:00:00
SUSE: Security Advisory for xen (SUSE-SU-2015:0022-1)
2015-10-16 00:00:00
Debian Security Advisory DSA 3140-1 (xen - security update)
2015-01-27 00:00:00
osv
osv
xen - security update
2015-01-27 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Xen (SAT Patch Number 10018)
2014-12-26 00:00:00
Debian DSA-3140-1 : xen - security update
2015-01-28 00:00:00
openSUSE Security Update : xen (openSUSE-2015-129)
2015-02-12 00:00:00
debian
debian
[SECURITY] [DSA 3140-1] xen security update
2015-01-27 10:54:05
securityvulns
securityvulns
[SECURITY] [DSA 3140-1] xen security update
2015-02-02 00:00:00
Xen DoS
2015-02-02 00:00:00
suse
suse
Security update for xen (important)
2015-02-06 11:05:09
Security update for xen (important)
2015-02-11 15:05:20
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-9.fc21
2014-12-12 04:01:42
[SECURITY] Fedora 21 Update: xen-4.4.1-12.fc21
2015-01-17 05:35:38
[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21
2015-03-23 07:10:24
prion
prion
Design/Logic Flaw
2014-08-22 14:55:00
Design/Logic Flaw
2014-08-22 14:55:00
Code injection
2014-11-24 15:59:00
ubuntucve
ubuntucve
CVE-2014-5146
2014-08-22 00:00:00
CVE-2014-5149
2014-08-22 00:00:00
CVE-2014-9030
2014-11-24 00:00:00
debiancve
debiancve
CVE-2014-5149
2014-08-22 14:55:00
CVE-2014-5146
2014-08-22 14:55:00
CVE-2014-9030
2014-11-24 15:59:00
cve
cve
CVE-2014-5146
2014-08-22 14:55:00
CVE-2014-5149
2014-08-22 14:55:00
CVE-2014-9030
2014-11-24 15:59:00
xen
xen
Long latency virtual-mmu operations are not preemptible
2014-08-12 12:00:00
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
2014-11-20 16:26:00
Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts
2013-08-20 12:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2015-04-11 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2015-04-08 00:00:00
kernel security and bug fix update
2015-04-08 00:00:00
redhat
redhat
(RHSA-2015:0783) Important: kernel security and bug fix update
2015-04-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:13:00
centos
centos
kernel security update
2015-04-07 22:09:26

0.007 Low

EPSS

Percentile

77.4%

JSON
Related for SUSE-SU-2015:0022-1
openvas41osv1nessus28debian1securityvulns2suse2fedora24prion8ubuntucve8debiancve8cve8xen7gentoo1oraclelinux2redhat1veracode1centos1