Security update for Xen (important)

2015-06-11T20:04:58
ID SUSE-SU-2015:1045-1
Type suse
Reporter Suse
Modified 2015-06-11T20:04:58

Description

Xen was updated to fix seven security vulnerabilities:

   * CVE-2015-4103: Potential unintended writes to host MSI message data
     field via qemu. (XSA-128, bnc#931625)
   * CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests.
     (XSA-129, bnc#931626)
   * CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error
     messages. (XSA-130, bnc#931627)
   * CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131,
     bnc#931628)
   * CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior.
     (XSA-134, bnc#932790)
   * CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest
     to host escape. (XSA-135, bnc#932770)
   * CVE-2015-4164: DoS through iret hypercall handler. (XSA-136,
     bnc#932996)

Security Issues:

   * CVE-2015-4103
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103</a>>
   * CVE-2015-4104
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104</a>>
   * CVE-2015-4105
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105</a>>
   * CVE-2015-4106
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106</a>>
   * CVE-2015-4163
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163</a>>
   * CVE-2015-4164
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164</a>>
   * CVE-2015-3209
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209</a>>