rpm package
suse/xen&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (134)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-12067 | Med | 6.5 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Jun 2, 2021 | The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. | |
| CVE-2020-11742 | Med | 5.5 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Apr 14, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int | |
| CVE-2020-11741 | Hig | 8.8 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Apr 14, 2020 | An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the admini | |
| CVE-2020-11740 | Med | 5.5 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Apr 14, 2020 | An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. Thes | |
| CVE-2020-8608 | Med | 5.6 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Feb 6, 2020 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | |
| CVE-2020-7211 | Hig | 7.5 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Jan 21, 2020 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | |
| CVE-2019-18425 | Cri | 9.8 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Oct 31, 2019 | An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table acce | |
| CVE-2019-18421 | Hig | 7.5 | < 4.2.5_22-45.36.1 | 4.2.5_22-45.36.1 | Oct 31, 2019 | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for | |
| CVE-2019-17344 | Med | 6.5 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Oct 8, 2019 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates. | |
| CVE-2019-17343 | Med | 6.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Oct 8, 2019 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains. | |
| CVE-2019-17342 | Hig | 7.0 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Oct 8, 2019 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced. | |
| CVE-2019-17341 | Hig | 7.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Oct 8, 2019 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device. | |
| CVE-2019-17340 | Hig | 8.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Oct 8, 2019 | An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled. | |
| CVE-2019-12068 | Low | 3.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Sep 24, 2019 | In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an | |
| CVE-2019-15890 | Hig | 7.5 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Sep 6, 2019 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | |
| CVE-2019-14378 | Hig | 8.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | Jul 29, 2019 | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | |
| CVE-2019-9824 | Med | 5.5 | < 4.2.5_21-45.30.1 | 4.2.5_21-45.30.1 | Jun 3, 2019 | tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. | |
| CVE-2018-20815 | Cri | 9.8 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | May 31, 2019 | In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk. | |
| CVE-2019-12155 | Hig | 7.5 | < 4.2.5_21-45.33.1 | 4.2.5_21-45.33.1 | May 24, 2019 | interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. | |
| CVE-2019-6778 | Hig | 7.8 | < 4.2.5_21-45.30.1 | 4.2.5_21-45.30.1 | Mar 21, 2019 | In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. |
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the admini
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. Thes
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table acce
- affected < 4.2.5_22-45.36.1fixed 4.2.5_22-45.36.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
- affected < 4.2.5_21-45.30.1fixed 4.2.5_21-45.30.1
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
- affected < 4.2.5_21-45.33.1fixed 4.2.5_21-45.33.1
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
- affected < 4.2.5_21-45.30.1fixed 4.2.5_21-45.30.1
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
Page 1 of 7