Security update for xen
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:2751-1
Final
1
1
2017-10-17T11:05:41Z
current
2017-10-17T11:05:41Z
2017-10-17T11:05:41Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for xen
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a
memory leakage issue allowing a privileged user inside the guest to cause a DoS
and/or potentially crash the Qemu process on the host (bsc#1059777)
- bsc#1061084: Missing cleanup in the page type system allowed a malicious or
buggy PV guest to cause DoS (XSA-242)
- bsc#1061086: A problem in the shadow pagetable code allowed a malicious or
buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially
allowing the guest to escalate its privilege (XSA-243)
- bsc#1061087: Problematic handling of the selector fields in the Interrupt
Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate
its privileges or cause DoS (XSA-244)
- bsc#1061077 Missing checks in the handling of DMOPs allowed malicious or
buggy stub domain kernels or tool stacks otherwise living outside of Domain0 to
cause a DoS (XSA-238)
- bsc#1061080: Intercepted I/O write operations with less than a full machine
word's worth of data were not properly handled, which allowed a malicious
unprivileged x86 HVM guest to obtain sensitive information from the host or
other guests (XSA-239)
- bsc#1061081: In certain configurations of linear page tables a stack overflow
might have occured that allowed a malicious or buggy PV guest to cause DoS and
potentially privilege escalation and information leaks (XSA-240)
- bsc#1061082: Under certain conditions x86 PV guests could have caused the
hypervisor to miss a necessary TLB flush for a page. This allowed a malicious
x86 PV guest to access all of system memory, allowing for privilege escalation,
DoS, and information leaks (XSA-241)
- bsc#1061076: Multiple issues existed with the setup of PCI MSI interrupts
that allowed a malicious or buggy guest to cause DoS and potentially privilege
escalation and information leaks (XSA-237)
- bsc#1055321: When dealing with the grant map space of add-to-physmap
operations, ARM specific code failed to release a lock. This allowed a
malicious guest administrator to cause DoS (XSA-235)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-DESKTOP-12-SP3-2017-1702,SUSE-SLE-SDK-12-SP3-2017-1702,SUSE-SLE-SERVER-12-SP3-2017-1702
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20172751-1/
Link for SUSE-SU-2017:2751-1
https://lists.suse.com/pipermail/sle-security-updates/2017-October/003303.html
E-Mail link for SUSE-SU-2017:2751-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1027519
SUSE Bug 1027519
https://bugzilla.suse.com/1055321
SUSE Bug 1055321
https://bugzilla.suse.com/1059777
SUSE Bug 1059777
https://bugzilla.suse.com/1061076
SUSE Bug 1061076
https://bugzilla.suse.com/1061077
SUSE Bug 1061077
https://bugzilla.suse.com/1061080
SUSE Bug 1061080
https://bugzilla.suse.com/1061081
SUSE Bug 1061081
https://bugzilla.suse.com/1061082
SUSE Bug 1061082
https://bugzilla.suse.com/1061084
SUSE Bug 1061084
https://bugzilla.suse.com/1061086
SUSE Bug 1061086
https://bugzilla.suse.com/1061087
SUSE Bug 1061087
https://www.suse.com/security/cve/CVE-2017-5526/
SUSE CVE CVE-2017-5526 page
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP3
xen-4.9.0_14-3.18.1
xen-libs-4.9.0_14-3.18.1
xen-libs-32bit-4.9.0_14-3.18.1
xen-devel-4.9.0_14-3.18.1
xen-doc-html-4.9.0_14-3.18.1
xen-tools-4.9.0_14-3.18.1
xen-tools-domU-4.9.0_14-3.18.1
xen-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Desktop 12 SP3
xen-libs-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Desktop 12 SP3
xen-libs-32bit-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Desktop 12 SP3
xen-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-doc-html-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-libs-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-libs-32bit-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-tools-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-tools-domU-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server 12 SP3
xen-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-doc-html-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-libs-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-libs-32bit-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-tools-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-tools-domU-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-devel-4.9.0_14-3.18.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5526
SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.0_14-3.18.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.0_14-3.18.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.0_14-3.18.1
SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.0_14-3.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.0_14-3.18.1
SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.0_14-3.18.1
low
2.3
AV:A/AC:M/Au:S/C:N/I:N/A:P
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20172751-1/
https://www.suse.com/security/cve/CVE-2017-5526.html
CVE-2017-5526
https://bugzilla.suse.com/1020589
SUSE Bug 1020589
https://bugzilla.suse.com/1059777
SUSE Bug 1059777
https://bugzilla.suse.com/1178658
SUSE Bug 1178658