xen-4.7.0_12-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10196-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z xen-4.7.0_12-1.3 on GA media These are all security issues fixed in the xen-4.7.0_12-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10196 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-1898/ SUSE CVE CVE-2011-1898 page https://www.suse.com/security/cve/CVE-2012-0029/ SUSE CVE CVE-2012-0029 page https://www.suse.com/security/cve/CVE-2012-0217/ SUSE CVE CVE-2012-0217 page https://www.suse.com/security/cve/CVE-2012-2625/ SUSE CVE CVE-2012-2625 page https://www.suse.com/security/cve/CVE-2012-3432/ SUSE CVE CVE-2012-3432 page https://www.suse.com/security/cve/CVE-2012-3433/ SUSE CVE CVE-2012-3433 page https://www.suse.com/security/cve/CVE-2012-4411/ SUSE CVE CVE-2012-4411 page https://www.suse.com/security/cve/CVE-2012-4535/ SUSE CVE CVE-2012-4535 page https://www.suse.com/security/cve/CVE-2012-4536/ SUSE CVE CVE-2012-4536 page https://www.suse.com/security/cve/CVE-2012-4537/ SUSE CVE CVE-2012-4537 page https://www.suse.com/security/cve/CVE-2012-4538/ SUSE CVE CVE-2012-4538 page https://www.suse.com/security/cve/CVE-2012-4539/ SUSE CVE CVE-2012-4539 page https://www.suse.com/security/cve/CVE-2012-4544/ SUSE CVE CVE-2012-4544 page https://www.suse.com/security/cve/CVE-2012-5510/ SUSE CVE CVE-2012-5510 page https://www.suse.com/security/cve/CVE-2012-5511/ SUSE CVE CVE-2012-5511 page https://www.suse.com/security/cve/CVE-2012-5513/ SUSE CVE CVE-2012-5513 page https://www.suse.com/security/cve/CVE-2012-5514/ SUSE CVE CVE-2012-5514 page https://www.suse.com/security/cve/CVE-2012-5515/ SUSE CVE CVE-2012-5515 page https://www.suse.com/security/cve/CVE-2012-5525/ SUSE CVE CVE-2012-5525 page https://www.suse.com/security/cve/CVE-2012-5634/ SUSE CVE CVE-2012-5634 page https://www.suse.com/security/cve/CVE-2012-6075/ SUSE CVE CVE-2012-6075 page https://www.suse.com/security/cve/CVE-2013-0151/ SUSE CVE CVE-2013-0151 page https://www.suse.com/security/cve/CVE-2013-0152/ SUSE CVE CVE-2013-0152 page https://www.suse.com/security/cve/CVE-2013-0153/ SUSE CVE CVE-2013-0153 page https://www.suse.com/security/cve/CVE-2013-1442/ SUSE CVE CVE-2013-1442 page https://www.suse.com/security/cve/CVE-2013-1917/ SUSE CVE CVE-2013-1917 page https://www.suse.com/security/cve/CVE-2013-1918/ SUSE CVE CVE-2013-1918 page https://www.suse.com/security/cve/CVE-2013-1919/ SUSE CVE CVE-2013-1919 page https://www.suse.com/security/cve/CVE-2013-1922/ SUSE CVE CVE-2013-1922 page https://www.suse.com/security/cve/CVE-2013-1952/ SUSE CVE CVE-2013-1952 page https://www.suse.com/security/cve/CVE-2013-2007/ SUSE CVE CVE-2013-2007 page https://www.suse.com/security/cve/CVE-2013-3495/ SUSE CVE CVE-2013-3495 page https://www.suse.com/security/cve/CVE-2013-4355/ SUSE CVE CVE-2013-4355 page https://www.suse.com/security/cve/CVE-2013-4356/ SUSE CVE CVE-2013-4356 page https://www.suse.com/security/cve/CVE-2013-4361/ SUSE CVE CVE-2013-4361 page https://www.suse.com/security/cve/CVE-2013-4375/ SUSE CVE CVE-2013-4375 page https://www.suse.com/security/cve/CVE-2013-4416/ SUSE CVE CVE-2013-4416 page https://www.suse.com/security/cve/CVE-2013-4494/ SUSE CVE CVE-2013-4494 page https://www.suse.com/security/cve/CVE-2013-4533/ SUSE CVE CVE-2013-4533 page https://www.suse.com/security/cve/CVE-2013-4534/ SUSE CVE CVE-2013-4534 page https://www.suse.com/security/cve/CVE-2013-4537/ SUSE CVE CVE-2013-4537 page https://www.suse.com/security/cve/CVE-2013-4538/ SUSE CVE CVE-2013-4538 page https://www.suse.com/security/cve/CVE-2013-4539/ SUSE CVE CVE-2013-4539 page https://www.suse.com/security/cve/CVE-2013-4540/ SUSE CVE CVE-2013-4540 page https://www.suse.com/security/cve/CVE-2013-4551/ SUSE CVE CVE-2013-4551 page https://www.suse.com/security/cve/CVE-2013-4553/ SUSE CVE CVE-2013-4553 page https://www.suse.com/security/cve/CVE-2013-4554/ SUSE CVE CVE-2013-4554 page https://www.suse.com/security/cve/CVE-2014-0222/ SUSE CVE CVE-2014-0222 page https://www.suse.com/security/cve/CVE-2014-3124/ SUSE CVE CVE-2014-3124 page https://www.suse.com/security/cve/CVE-2014-3640/ SUSE CVE CVE-2014-3640 page https://www.suse.com/security/cve/CVE-2014-3672/ SUSE CVE CVE-2014-3672 page https://www.suse.com/security/cve/CVE-2014-5146/ SUSE CVE CVE-2014-5146 page https://www.suse.com/security/cve/CVE-2014-5149/ SUSE CVE CVE-2014-5149 page https://www.suse.com/security/cve/CVE-2014-6268/ SUSE CVE CVE-2014-6268 page https://www.suse.com/security/cve/CVE-2014-7154/ SUSE CVE CVE-2014-7154 page https://www.suse.com/security/cve/CVE-2014-7155/ SUSE CVE CVE-2014-7155 page https://www.suse.com/security/cve/CVE-2014-7156/ SUSE CVE CVE-2014-7156 page https://www.suse.com/security/cve/CVE-2014-7188/ SUSE CVE CVE-2014-7188 page https://www.suse.com/security/cve/CVE-2014-7815/ SUSE CVE CVE-2014-7815 page https://www.suse.com/security/cve/CVE-2015-1779/ SUSE CVE CVE-2015-1779 page https://www.suse.com/security/cve/CVE-2015-3259/ SUSE CVE CVE-2015-3259 page https://www.suse.com/security/cve/CVE-2015-3340/ SUSE CVE CVE-2015-3340 page https://www.suse.com/security/cve/CVE-2015-3456/ SUSE CVE CVE-2015-3456 page https://www.suse.com/security/cve/CVE-2015-4037/ SUSE CVE CVE-2015-4037 page https://www.suse.com/security/cve/CVE-2015-4103/ SUSE CVE CVE-2015-4103 page https://www.suse.com/security/cve/CVE-2015-4104/ SUSE CVE CVE-2015-4104 page https://www.suse.com/security/cve/CVE-2015-4105/ SUSE CVE CVE-2015-4105 page https://www.suse.com/security/cve/CVE-2015-4106/ SUSE CVE CVE-2015-4106 page https://www.suse.com/security/cve/CVE-2015-5154/ SUSE CVE CVE-2015-5154 page https://www.suse.com/security/cve/CVE-2015-5239/ SUSE CVE CVE-2015-5239 page https://www.suse.com/security/cve/CVE-2015-5278/ SUSE CVE CVE-2015-5278 page https://www.suse.com/security/cve/CVE-2015-5307/ SUSE CVE CVE-2015-5307 page https://www.suse.com/security/cve/CVE-2015-6815/ SUSE CVE CVE-2015-6815 page https://www.suse.com/security/cve/CVE-2015-6855/ SUSE CVE CVE-2015-6855 page https://www.suse.com/security/cve/CVE-2015-7311/ SUSE CVE CVE-2015-7311 page https://www.suse.com/security/cve/CVE-2015-7504/ SUSE CVE CVE-2015-7504 page https://www.suse.com/security/cve/CVE-2015-7512/ SUSE CVE CVE-2015-7512 page https://www.suse.com/security/cve/CVE-2015-7549/ SUSE CVE CVE-2015-7549 page https://www.suse.com/security/cve/CVE-2015-7835/ SUSE CVE CVE-2015-7835 page https://www.suse.com/security/cve/CVE-2015-7969/ SUSE CVE CVE-2015-7969 page https://www.suse.com/security/cve/CVE-2015-7970/ SUSE CVE CVE-2015-7970 page https://www.suse.com/security/cve/CVE-2015-7971/ SUSE CVE CVE-2015-7971 page https://www.suse.com/security/cve/CVE-2015-7972/ SUSE CVE CVE-2015-7972 page https://www.suse.com/security/cve/CVE-2015-8104/ SUSE CVE CVE-2015-8104 page https://www.suse.com/security/cve/CVE-2015-8339/ SUSE CVE CVE-2015-8339 page https://www.suse.com/security/cve/CVE-2015-8340/ SUSE CVE CVE-2015-8340 page https://www.suse.com/security/cve/CVE-2015-8341/ SUSE CVE CVE-2015-8341 page https://www.suse.com/security/cve/CVE-2015-8345/ SUSE CVE CVE-2015-8345 page https://www.suse.com/security/cve/CVE-2015-8504/ SUSE CVE CVE-2015-8504 page https://www.suse.com/security/cve/CVE-2015-8550/ SUSE CVE CVE-2015-8550 page https://www.suse.com/security/cve/CVE-2015-8554/ SUSE CVE CVE-2015-8554 page https://www.suse.com/security/cve/CVE-2015-8555/ SUSE CVE CVE-2015-8555 page https://www.suse.com/security/cve/CVE-2015-8558/ SUSE CVE CVE-2015-8558 page https://www.suse.com/security/cve/CVE-2015-8567/ SUSE CVE CVE-2015-8567 page https://www.suse.com/security/cve/CVE-2015-8568/ SUSE CVE CVE-2015-8568 page https://www.suse.com/security/cve/CVE-2015-8613/ SUSE CVE CVE-2015-8613 page https://www.suse.com/security/cve/CVE-2015-8615/ SUSE CVE CVE-2015-8615 page https://www.suse.com/security/cve/CVE-2015-8619/ SUSE CVE CVE-2015-8619 page https://www.suse.com/security/cve/CVE-2015-8743/ SUSE CVE CVE-2015-8743 page https://www.suse.com/security/cve/CVE-2015-8744/ SUSE CVE CVE-2015-8744 page https://www.suse.com/security/cve/CVE-2015-8745/ SUSE CVE CVE-2015-8745 page https://www.suse.com/security/cve/CVE-2016-1568/ SUSE CVE CVE-2016-1568 page https://www.suse.com/security/cve/CVE-2016-1570/ SUSE CVE CVE-2016-1570 page https://www.suse.com/security/cve/CVE-2016-1571/ SUSE CVE CVE-2016-1571 page https://www.suse.com/security/cve/CVE-2016-1714/ SUSE CVE CVE-2016-1714 page https://www.suse.com/security/cve/CVE-2016-1922/ SUSE CVE CVE-2016-1922 page https://www.suse.com/security/cve/CVE-2016-1981/ SUSE CVE CVE-2016-1981 page https://www.suse.com/security/cve/CVE-2016-2198/ SUSE CVE CVE-2016-2198 page https://www.suse.com/security/cve/CVE-2016-2270/ SUSE CVE CVE-2016-2270 page https://www.suse.com/security/cve/CVE-2016-2271/ SUSE CVE CVE-2016-2271 page https://www.suse.com/security/cve/CVE-2016-2391/ SUSE CVE CVE-2016-2391 page https://www.suse.com/security/cve/CVE-2016-2392/ SUSE CVE CVE-2016-2392 page https://www.suse.com/security/cve/CVE-2016-2538/ SUSE CVE CVE-2016-2538 page https://www.suse.com/security/cve/CVE-2016-2841/ SUSE CVE CVE-2016-2841 page https://www.suse.com/security/cve/CVE-2016-4439/ SUSE CVE CVE-2016-4439 page https://www.suse.com/security/cve/CVE-2016-4441/ SUSE CVE CVE-2016-4441 page https://www.suse.com/security/cve/CVE-2016-5238/ SUSE CVE CVE-2016-5238 page https://www.suse.com/security/cve/CVE-2016-5338/ SUSE CVE CVE-2016-5338 page https://www.suse.com/security/cve/CVE-2016-6258/ SUSE CVE CVE-2016-6258 page https://www.suse.com/security/cve/CVE-2016-6259/ SUSE CVE CVE-2016-6259 page https://www.suse.com/security/cve/CVE-2016-6351/ SUSE CVE CVE-2016-6351 page https://www.suse.com/security/cve/CVE-2016-7092/ SUSE CVE CVE-2016-7092 page https://www.suse.com/security/cve/CVE-2016-7093/ SUSE CVE CVE-2016-7093 page https://www.suse.com/security/cve/CVE-2016-7094/ SUSE CVE CVE-2016-7094 page openSUSE Tumbleweed xen-4.7.0_12-1.3 xen-devel-4.7.0_12-1.3 xen-doc-html-4.7.0_12-1.3 xen-libs-4.7.0_12-1.3 xen-libs-32bit-4.7.0_12-1.3 xen-tools-4.7.0_12-1.3 xen-tools-domU-4.7.0_12-1.3 xen-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-devel-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-doc-html-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-libs-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-libs-32bit-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-tools-4.7.0_12-1.3 as a component of openSUSE Tumbleweed xen-tools-domU-4.7.0_12-1.3 as a component of openSUSE Tumbleweed Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers." CVE-2011-1898 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 7.4 AV:A/AC:M/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-1898.html CVE-2011-1898 https://bugzilla.suse.com/702025 SUSE Bug 702025 https://bugzilla.suse.com/724906 SUSE Bug 724906 Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. CVE-2012-0029 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.4 AV:A/AC:M/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-0029.html CVE-2012-0029 https://bugzilla.suse.com/740165 SUSE Bug 740165 https://bugzilla.suse.com/747331 SUSE Bug 747331 https://bugzilla.suse.com/757537 SUSE Bug 757537 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. CVE-2012-0217 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-0217.html CVE-2012-0217 https://bugzilla.suse.com/757537 SUSE Bug 757537 https://bugzilla.suse.com/764077 SUSE Bug 764077 https://bugzilla.suse.com/785429 SUSE Bug 785429 The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. CVE-2012-2625 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.7 AV:A/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2625.html CVE-2012-2625 https://bugzilla.suse.com/762484 SUSE Bug 762484 https://bugzilla.suse.com/773393 SUSE Bug 773393 https://bugzilla.suse.com/773401 SUSE Bug 773401 https://bugzilla.suse.com/787163 SUSE Bug 787163 The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions. CVE-2012-3432 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3432.html CVE-2012-3432 https://bugzilla.suse.com/773393 SUSE Bug 773393 https://bugzilla.suse.com/773401 SUSE Bug 773401 Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown. CVE-2012-3433 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3433.html CVE-2012-3433 https://bugzilla.suse.com/773393 SUSE Bug 773393 https://bugzilla.suse.com/773401 SUSE Bug 773401 The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998. CVE-2012-4411 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.6 AV:L/AC:L/Au:S/C:C/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4411.html CVE-2012-4411 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." CVE-2012-4535 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4535.html CVE-2012-4535 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read. CVE-2012-4536 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4536.html CVE-2012-4536 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability." CVE-2012-4537 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4537.html CVE-2012-4537 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786517 SUSE Bug 786517 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors. CVE-2012-4538 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4538.html CVE-2012-4538 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability." CVE-2012-4539 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4539.html CVE-2012-4539 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk. CVE-2012-4544 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-4544.html CVE-2012-4544 https://bugzilla.suse.com/779212 SUSE Bug 779212 https://bugzilla.suse.com/786516 SUSE Bug 786516 https://bugzilla.suse.com/786518 SUSE Bug 786518 https://bugzilla.suse.com/786519 SUSE Bug 786519 https://bugzilla.suse.com/786520 SUSE Bug 786520 https://bugzilla.suse.com/787163 SUSE Bug 787163 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors. CVE-2012-5510 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5510.html CVE-2012-5510 https://bugzilla.suse.com/789945 SUSE Bug 789945 Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. CVE-2012-5511 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5511.html CVE-2012-5511 https://bugzilla.suse.com/789944 SUSE Bug 789944 The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range. CVE-2012-5513 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5513.html CVE-2012-5513 https://bugzilla.suse.com/789951 SUSE Bug 789951 The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors. CVE-2012-5514 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5514.html CVE-2012-5514 https://bugzilla.suse.com/789948 SUSE Bug 789948 https://bugzilla.suse.com/789988 SUSE Bug 789988 The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. CVE-2012-5515 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5515.html CVE-2012-5515 https://bugzilla.suse.com/789950 SUSE Bug 789950 The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. CVE-2012-5525 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5525.html CVE-2012-5525 https://bugzilla.suse.com/789952 SUSE Bug 789952 Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt. CVE-2012-5634 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5634.html CVE-2012-5634 https://bugzilla.suse.com/794316 SUSE Bug 794316 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/840592 SUSE Bug 840592 Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. CVE-2012-6075 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-6075.html CVE-2012-6075 https://bugzilla.suse.com/797523 SUSE Bug 797523 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/840592 SUSE Bug 840592 The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs. CVE-2013-0151 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.6 AV:A/AC:H/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0151.html CVE-2013-0151 https://bugzilla.suse.com/797285 SUSE Bug 797285 Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled. CVE-2013-0152 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0152.html CVE-2013-0152 https://bugzilla.suse.com/797287 SUSE Bug 797287 https://bugzilla.suse.com/800798 SUSE Bug 800798 The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. CVE-2013-0153 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0153.html CVE-2013-0153 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/800802 SUSE Bug 800802 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers. CVE-2013-1442 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.2 AV:L/AC:H/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1442.html CVE-2013-1442 https://bugzilla.suse.com/839596 SUSE Bug 839596 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction. CVE-2013-1917 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1917.html CVE-2013-1917 https://bugzilla.suse.com/813673 SUSE Bug 813673 https://bugzilla.suse.com/840592 SUSE Bug 840592 Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." CVE-2013-1918 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1918.html CVE-2013-1918 https://bugzilla.suse.com/813673 SUSE Bug 813673 https://bugzilla.suse.com/816159 SUSE Bug 816159 https://bugzilla.suse.com/823011 SUSE Bug 823011 https://bugzilla.suse.com/826882 SUSE Bug 826882 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices." CVE-2013-1919 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1919.html CVE-2013-1919 https://bugzilla.suse.com/813673 SUSE Bug 813673 https://bugzilla.suse.com/813675 SUSE Bug 813675 https://bugzilla.suse.com/840592 SUSE Bug 840592 qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004. CVE-2013-1922 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 3.3 AV:L/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1922.html CVE-2013-1922 https://bugzilla.suse.com/814059 SUSE Bug 814059 https://bugzilla.suse.com/934753 SUSE Bug 934753 https://bugzilla.suse.com/934768 SUSE Bug 934768 Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors. CVE-2013-1952 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1952.html CVE-2013-1952 https://bugzilla.suse.com/813673 SUSE Bug 813673 https://bugzilla.suse.com/816163 SUSE Bug 816163 https://bugzilla.suse.com/840592 SUSE Bug 840592 The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files. CVE-2013-2007 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2007.html CVE-2013-2007 https://bugzilla.suse.com/818181 SUSE Bug 818181 https://bugzilla.suse.com/818182 SUSE Bug 818182 https://bugzilla.suse.com/818183 SUSE Bug 818183 The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI). CVE-2013-3495 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-3495.html CVE-2013-3495 https://bugzilla.suse.com/826717 SUSE Bug 826717 https://bugzilla.suse.com/903970 SUSE Bug 903970 Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. CVE-2013-4355 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.5 AV:L/AC:M/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4355.html CVE-2013-4355 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). CVE-2013-4356 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4356.html CVE-2013-4356 https://bugzilla.suse.com/840593 SUSE Bug 840593 The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. CVE-2013-4361 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4361.html CVE-2013-4361 https://bugzilla.suse.com/840592 SUSE Bug 840592 https://bugzilla.suse.com/841766 SUSE Bug 841766 The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. CVE-2013-4375 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.7 AV:A/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4375.html CVE-2013-4375 https://bugzilla.suse.com/840592 SUSE Bug 840592 https://bugzilla.suse.com/842515 SUSE Bug 842515 The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. CVE-2013-4416 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4416.html CVE-2013-4416 https://bugzilla.suse.com/840592 SUSE Bug 840592 https://bugzilla.suse.com/845520 SUSE Bug 845520 Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors. CVE-2013-4494 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4494.html CVE-2013-4494 https://bugzilla.suse.com/848657 SUSE Bug 848657 Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image. CVE-2013-4533 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4533.html CVE-2013-4533 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/864655 SUSE Bug 864655 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/964644 SUSE Bug 964644 Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements. CVE-2013-4534 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4534.html CVE-2013-4534 https://bugzilla.suse.com/864811 SUSE Bug 864811 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/964452 SUSE Bug 964452 The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image. CVE-2013-4537 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4537.html CVE-2013-4537 https://bugzilla.suse.com/864391 SUSE Bug 864391 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/962642 SUSE Bug 962642 Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image. CVE-2013-4538 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4538.html CVE-2013-4538 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/864769 SUSE Bug 864769 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/962335 SUSE Bug 962335 Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image. CVE-2013-4539 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4539.html CVE-2013-4539 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/864805 SUSE Bug 864805 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/962758 SUSE Bug 962758 Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image. CVE-2013-4540 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4540.html CVE-2013-4540 https://bugzilla.suse.com/864801 SUSE Bug 864801 https://bugzilla.suse.com/871442 SUSE Bug 871442 https://bugzilla.suse.com/880751 SUSE Bug 880751 Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution." CVE-2013-4551 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.7 AV:A/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4551.html CVE-2013-4551 https://bugzilla.suse.com/848657 SUSE Bug 848657 https://bugzilla.suse.com/849665 SUSE Bug 849665 The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock). CVE-2013-4553 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4553.html CVE-2013-4553 https://bugzilla.suse.com/848657 SUSE Bug 848657 https://bugzilla.suse.com/849667 SUSE Bug 849667 https://bugzilla.suse.com/849668 SUSE Bug 849668 Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. CVE-2013-4554 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.2 AV:A/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4554.html CVE-2013-4554 https://bugzilla.suse.com/848657 SUSE Bug 848657 https://bugzilla.suse.com/849668 SUSE Bug 849668 Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. CVE-2014-0222 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.5 AV:A/AC:L/Au:S/C:N/I:N/A:C 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-0222.html CVE-2014-0222 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/877642 SUSE Bug 877642 https://bugzilla.suse.com/950367 SUSE Bug 950367 https://bugzilla.suse.com/964925 SUSE Bug 964925 The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. CVE-2014-3124 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.7 AV:A/AC:L/Au:S/C:P/I:P/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3124.html CVE-2014-3124 https://bugzilla.suse.com/875668 SUSE Bug 875668 https://bugzilla.suse.com/880751 SUSE Bug 880751 https://bugzilla.suse.com/903970 SUSE Bug 903970 The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. CVE-2014-3640 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3640.html CVE-2014-3640 https://bugzilla.suse.com/897654 SUSE Bug 897654 https://bugzilla.suse.com/965112 SUSE Bug 965112 The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. CVE-2014-3672 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3672.html CVE-2014-3672 https://bugzilla.suse.com/981264 SUSE Bug 981264 Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149. CVE-2014-5146 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-5146.html CVE-2014-5146 https://bugzilla.suse.com/889526 SUSE Bug 889526 https://bugzilla.suse.com/903970 SUSE Bug 903970 https://bugzilla.suse.com/918998 SUSE Bug 918998 https://bugzilla.suse.com/950367 SUSE Bug 950367 Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146. CVE-2014-5149 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-5149.html CVE-2014-5149 https://bugzilla.suse.com/889526 SUSE Bug 889526 https://bugzilla.suse.com/903970 SUSE Bug 903970 https://bugzilla.suse.com/918998 SUSE Bug 918998 https://bugzilla.suse.com/950367 SUSE Bug 950367 The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU. CVE-2014-6268 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-6268.html CVE-2014-6268 https://bugzilla.suse.com/895804 SUSE Bug 895804 Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors. CVE-2014-7154 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7154.html CVE-2014-7154 https://bugzilla.suse.com/880751 SUSE Bug 880751 https://bugzilla.suse.com/895798 SUSE Bug 895798 The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. CVE-2014-7155 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.8 AV:A/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7155.html CVE-2014-7155 https://bugzilla.suse.com/880751 SUSE Bug 880751 https://bugzilla.suse.com/895799 SUSE Bug 895799 The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors. CVE-2014-7156 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7156.html CVE-2014-7156 https://bugzilla.suse.com/880751 SUSE Bug 880751 https://bugzilla.suse.com/895802 SUSE Bug 895802 The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors. CVE-2014-7188 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7188.html CVE-2014-7188 https://bugzilla.suse.com/880751 SUSE Bug 880751 https://bugzilla.suse.com/897657 SUSE Bug 897657 https://bugzilla.suse.com/903970 SUSE Bug 903970 The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. CVE-2014-7815 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7815.html CVE-2014-7815 https://bugzilla.suse.com/902737 SUSE Bug 902737 https://bugzilla.suse.com/962627 SUSE Bug 962627 The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. CVE-2015-1779 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1779.html CVE-2015-1779 https://bugzilla.suse.com/924018 SUSE Bug 924018 https://bugzilla.suse.com/962632 SUSE Bug 962632 Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. CVE-2015-3259 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.1 AV:L/AC:M/Au:S/C:P/I:P/A:P 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3259.html CVE-2015-3259 https://bugzilla.suse.com/935634 SUSE Bug 935634 https://bugzilla.suse.com/936281 SUSE Bug 936281 https://bugzilla.suse.com/937018 SUSE Bug 937018 https://bugzilla.suse.com/950367 SUSE Bug 950367 Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. CVE-2015-3340 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.9 AV:A/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3340.html CVE-2015-3340 https://bugzilla.suse.com/927967 SUSE Bug 927967 https://bugzilla.suse.com/929339 SUSE Bug 929339 The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. CVE-2015-3456 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 7.7 AV:A/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3456.html CVE-2015-3456 https://bugzilla.suse.com/929339 SUSE Bug 929339 https://bugzilla.suse.com/932770 SUSE Bug 932770 https://bugzilla.suse.com/935900 SUSE Bug 935900 The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. CVE-2015-4037 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4037.html CVE-2015-4037 https://bugzilla.suse.com/932267 SUSE Bug 932267 https://bugzilla.suse.com/950367 SUSE Bug 950367 Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields. CVE-2015-4103 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4103.html CVE-2015-4103 https://bugzilla.suse.com/931625 SUSE Bug 931625 Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors. CVE-2015-4104 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4104.html CVE-2015-4104 https://bugzilla.suse.com/931626 SUSE Bug 931626 Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. CVE-2015-4105 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4105.html CVE-2015-4105 https://bugzilla.suse.com/931627 SUSE Bug 931627 QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. CVE-2015-4106 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4106.html CVE-2015-4106 https://bugzilla.suse.com/931628 SUSE Bug 931628 Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. CVE-2015-5154 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-5154.html CVE-2015-5154 https://bugzilla.suse.com/938344 SUSE Bug 938344 https://bugzilla.suse.com/950367 SUSE Bug 950367 Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. CVE-2015-5239 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-5239.html CVE-2015-5239 https://bugzilla.suse.com/944463 SUSE Bug 944463 https://bugzilla.suse.com/950367 SUSE Bug 950367 The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. CVE-2015-5278 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-5278.html CVE-2015-5278 https://bugzilla.suse.com/945989 SUSE Bug 945989 https://bugzilla.suse.com/964947 SUSE Bug 964947 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. CVE-2015-5307 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-5307.html CVE-2015-5307 https://bugzilla.suse.com/953527 SUSE Bug 953527 https://bugzilla.suse.com/954018 SUSE Bug 954018 https://bugzilla.suse.com/954404 SUSE Bug 954404 https://bugzilla.suse.com/954405 SUSE Bug 954405 https://bugzilla.suse.com/962977 SUSE Bug 962977 The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. CVE-2015-6815 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.7 AV:A/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6815.html CVE-2015-6815 https://bugzilla.suse.com/944697 SUSE Bug 944697 https://bugzilla.suse.com/950367 SUSE Bug 950367 hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. CVE-2015-6855 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6855.html CVE-2015-6855 https://bugzilla.suse.com/945404 SUSE Bug 945404 https://bugzilla.suse.com/965156 SUSE Bug 965156 libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. CVE-2015-7311 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 3.6 AV:L/AC:L/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7311.html CVE-2015-7311 https://bugzilla.suse.com/947165 SUSE Bug 947165 https://bugzilla.suse.com/950367 SUSE Bug 950367 Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. CVE-2015-7504 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7504.html CVE-2015-7504 https://bugzilla.suse.com/956411 SUSE Bug 956411 Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. CVE-2015-7512 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7512.html CVE-2015-7512 https://bugzilla.suse.com/957162 SUSE Bug 957162 https://bugzilla.suse.com/962360 SUSE Bug 962360 The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. CVE-2015-7549 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7549.html CVE-2015-7549 https://bugzilla.suse.com/958917 SUSE Bug 958917 https://bugzilla.suse.com/958918 SUSE Bug 958918 The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. CVE-2015-7835 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7835.html CVE-2015-7835 https://bugzilla.suse.com/940929 SUSE Bug 940929 https://bugzilla.suse.com/947159 SUSE Bug 947159 https://bugzilla.suse.com/950367 SUSE Bug 950367 Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall. CVE-2015-7969 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7969.html CVE-2015-7969 https://bugzilla.suse.com/950703 SUSE Bug 950703 https://bugzilla.suse.com/950705 SUSE Bug 950705 The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand. CVE-2015-7970 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7970.html CVE-2015-7970 https://bugzilla.suse.com/950704 SUSE Bug 950704 Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c. CVE-2015-7971 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7971.html CVE-2015-7971 https://bugzilla.suse.com/950706 SUSE Bug 950706 The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure." CVE-2015-7972 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7972.html CVE-2015-7972 https://bugzilla.suse.com/950704 SUSE Bug 950704 https://bugzilla.suse.com/951845 SUSE Bug 951845 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. CVE-2015-8104 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8104.html CVE-2015-8104 https://bugzilla.suse.com/1215748 SUSE Bug 1215748 https://bugzilla.suse.com/953527 SUSE Bug 953527 https://bugzilla.suse.com/954018 SUSE Bug 954018 https://bugzilla.suse.com/954404 SUSE Bug 954404 https://bugzilla.suse.com/954405 SUSE Bug 954405 https://bugzilla.suse.com/962977 SUSE Bug 962977 The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown. CVE-2015-8339 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8339.html CVE-2015-8339 https://bugzilla.suse.com/956408 SUSE Bug 956408 The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling. CVE-2015-8340 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8340.html CVE-2015-8340 https://bugzilla.suse.com/956408 SUSE Bug 956408 The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains. CVE-2015-8341 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.5 AV:A/AC:L/Au:S/C:N/I:N/A:C 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8341.html CVE-2015-8341 https://bugzilla.suse.com/956409 SUSE Bug 956409 The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. CVE-2015-8345 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8345.html CVE-2015-8345 https://bugzilla.suse.com/956829 SUSE Bug 956829 https://bugzilla.suse.com/956832 SUSE Bug 956832 Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. CVE-2015-8504 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 3.5 AV:N/AC:M/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8504.html CVE-2015-8504 https://bugzilla.suse.com/958491 SUSE Bug 958491 https://bugzilla.suse.com/958493 SUSE Bug 958493 Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability. CVE-2015-8550 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5.7 AV:L/AC:L/Au:S/C:P/I:P/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8550.html CVE-2015-8550 https://bugzilla.suse.com/1020452 SUSE Bug 1020452 https://bugzilla.suse.com/1052256 SUSE Bug 1052256 https://bugzilla.suse.com/957988 SUSE Bug 957988 Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a "write path." CVE-2015-8554 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8554.html CVE-2015-8554 https://bugzilla.suse.com/958007 SUSE Bug 958007 Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors. CVE-2015-8555 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8555.html CVE-2015-8555 https://bugzilla.suse.com/958009 SUSE Bug 958009 The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list. CVE-2015-8558 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8558.html CVE-2015-8558 https://bugzilla.suse.com/959005 SUSE Bug 959005 https://bugzilla.suse.com/959006 SUSE Bug 959006 https://bugzilla.suse.com/976109 SUSE Bug 976109 https://bugzilla.suse.com/976111 SUSE Bug 976111 Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). CVE-2015-8567 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8567.html CVE-2015-8567 https://bugzilla.suse.com/959386 SUSE Bug 959386 https://bugzilla.suse.com/959387 SUSE Bug 959387 Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. CVE-2015-8568 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8568.html CVE-2015-8568 https://bugzilla.suse.com/959386 SUSE Bug 959386 https://bugzilla.suse.com/959387 SUSE Bug 959387 Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. CVE-2015-8613 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8613.html CVE-2015-8613 https://bugzilla.suse.com/961358 SUSE Bug 961358 https://bugzilla.suse.com/961556 SUSE Bug 961556 The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ). CVE-2015-8615 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8615.html CVE-2015-8615 https://bugzilla.suse.com/960093 SUSE Bug 960093 The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). CVE-2015-8619 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8619.html CVE-2015-8619 https://bugzilla.suse.com/960334 SUSE Bug 960334 https://bugzilla.suse.com/965269 SUSE Bug 965269 QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. CVE-2015-8743 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 3 AV:L/AC:M/Au:S/C:P/I:P/A:N 3.6 AV:L/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8743.html CVE-2015-8743 https://bugzilla.suse.com/960725 SUSE Bug 960725 https://bugzilla.suse.com/960726 SUSE Bug 960726 QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. CVE-2015-8744 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8744.html CVE-2015-8744 https://bugzilla.suse.com/960835 SUSE Bug 960835 https://bugzilla.suse.com/960836 SUSE Bug 960836 QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. CVE-2015-8745 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8745.html CVE-2015-8745 https://bugzilla.suse.com/960707 SUSE Bug 960707 https://bugzilla.suse.com/960708 SUSE Bug 960708 Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command. CVE-2016-1568 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.1 AV:L/AC:M/Au:S/C:P/I:P/A:P 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1568.html CVE-2016-1568 https://bugzilla.suse.com/961332 SUSE Bug 961332 https://bugzilla.suse.com/961333 SUSE Bug 961333 The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates. CVE-2016-1570 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1570.html CVE-2016-1570 https://bugzilla.suse.com/960861 SUSE Bug 960861 The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. CVE-2016-1571 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1571.html CVE-2016-1571 https://bugzilla.suse.com/960861 SUSE Bug 960861 https://bugzilla.suse.com/960862 SUSE Bug 960862 The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration. CVE-2016-1714 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:A/AC:M/Au:S/C:P/I:P/A:P 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1714.html CVE-2016-1714 https://bugzilla.suse.com/961691 SUSE Bug 961691 https://bugzilla.suse.com/961692 SUSE Bug 961692 QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue. CVE-2016-1922 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.9 AV:A/AC:M/Au:N/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1922.html CVE-2016-1922 https://bugzilla.suse.com/962320 SUSE Bug 962320 https://bugzilla.suse.com/962321 SUSE Bug 962321 QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS. CVE-2016-1981 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1981.html CVE-2016-1981 https://bugzilla.suse.com/963782 SUSE Bug 963782 https://bugzilla.suse.com/963783 SUSE Bug 963783 QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS. CVE-2016-2198 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2198.html CVE-2016-2198 https://bugzilla.suse.com/964413 SUSE Bug 964413 https://bugzilla.suse.com/964415 SUSE Bug 964415 Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. CVE-2016-2270 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 4.6 AV:L/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2270.html CVE-2016-2270 https://bugzilla.suse.com/965315 SUSE Bug 965315 VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP. CVE-2016-2271 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2271.html CVE-2016-2271 https://bugzilla.suse.com/965317 SUSE Bug 965317 The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers. CVE-2016-2391 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2391.html CVE-2016-2391 https://bugzilla.suse.com/967012 SUSE Bug 967012 https://bugzilla.suse.com/967013 SUSE Bug 967013 https://bugzilla.suse.com/967101 SUSE Bug 967101 The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet. CVE-2016-2392 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2392.html CVE-2016-2392 https://bugzilla.suse.com/967012 SUSE Bug 967012 https://bugzilla.suse.com/967090 SUSE Bug 967090 Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function. CVE-2016-2538 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 3.6 AV:L/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2538.html CVE-2016-2538 https://bugzilla.suse.com/967969 SUSE Bug 967969 https://bugzilla.suse.com/968004 SUSE Bug 968004 The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control. CVE-2016-2841 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-2841.html CVE-2016-2841 https://bugzilla.suse.com/969350 SUSE Bug 969350 https://bugzilla.suse.com/969351 SUSE Bug 969351 The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors. CVE-2016-4439 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-4439.html CVE-2016-4439 https://bugzilla.suse.com/980711 SUSE Bug 980711 https://bugzilla.suse.com/980716 SUSE Bug 980716 The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command. CVE-2016-4441 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-4441.html CVE-2016-4441 https://bugzilla.suse.com/980723 SUSE Bug 980723 https://bugzilla.suse.com/980724 SUSE Bug 980724 The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode. CVE-2016-5238 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.1 AV:L/AC:M/Au:S/C:P/I:P/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5238.html CVE-2016-5238 https://bugzilla.suse.com/982959 SUSE Bug 982959 https://bugzilla.suse.com/982960 SUSE Bug 982960 The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer. CVE-2016-5338 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5338.html CVE-2016-5338 https://bugzilla.suse.com/983982 SUSE Bug 983982 https://bugzilla.suse.com/983984 SUSE Bug 983984 The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. CVE-2016-6258 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-6258.html CVE-2016-6258 https://bugzilla.suse.com/1072198 SUSE Bug 1072198 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/988675 SUSE Bug 988675 https://bugzilla.suse.com/988692 SUSE Bug 988692 Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check. CVE-2016-6259 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-6259.html CVE-2016-6259 https://bugzilla.suse.com/988676 SUSE Bug 988676 https://bugzilla.suse.com/988694 SUSE Bug 988694 The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer. CVE-2016-6351 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 low 4 AV:A/AC:H/Au:S/C:P/I:P/A:P 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-6351.html CVE-2016-6351 https://bugzilla.suse.com/990835 SUSE Bug 990835 https://bugzilla.suse.com/990843 SUSE Bug 990843 The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables. CVE-2016-7092 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7092.html CVE-2016-7092 https://bugzilla.suse.com/995785 SUSE Bug 995785 Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation. CVE-2016-7093 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7093.html CVE-2016-7093 https://bugzilla.suse.com/995789 SUSE Bug 995789 Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. CVE-2016-7094 openSUSE Tumbleweed:xen-4.7.0_12-1.3 openSUSE Tumbleweed:xen-devel-4.7.0_12-1.3 openSUSE Tumbleweed:xen-doc-html-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-32bit-4.7.0_12-1.3 openSUSE Tumbleweed:xen-libs-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-4.7.0_12-1.3 openSUSE Tumbleweed:xen-tools-domU-4.7.0_12-1.3 moderate 4.4 AV:L/AC:M/Au:S/C:N/I:N/A:C 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7094.html CVE-2016-7094 https://bugzilla.suse.com/995792 SUSE Bug 995792