VYPR

rpm package

suse/xen&distro=SUSE Linux Enterprise Point of Sale 11 SP3

pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3

Vulnerabilities (134)

  • CVE-2018-11806HigJun 13, 2018
    affected < 4.2.5_21-45.25.1fixed 4.2.5_21-45.25.1

    m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

  • CVE-2018-3639MedMay 22, 2018
    affected < 4.2.5_21-45.25.1fixed 4.2.5_21-45.25.1

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka

  • CVE-2018-10982HigMay 10, 2018
    affected < 4.2.5_21-45.25.1fixed 4.2.5_21-45.25.1

    An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC

  • CVE-2018-10981MedMay 10, 2018
    affected < 4.2.5_21-45.25.1fixed 4.2.5_21-45.25.1

    An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

  • CVE-2018-8897HigMay 8, 2018
    affected < 4.2.5_21-45.22.1fixed 4.2.5_21-45.22.1

    A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP

  • CVE-2018-10472MedApr 27, 2018
    affected < 4.2.5_21-45.22.1fixed 4.2.5_21-45.22.1

    An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.

  • CVE-2018-10471MedApr 27, 2018
    affected < 4.2.5_21-45.22.1fixed 4.2.5_21-45.22.1

    An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.

  • CVE-2018-7550HigMar 1, 2018
    affected < 4.2.5_21-45.22.1fixed 4.2.5_21-45.22.1

    The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.

  • CVE-2018-7541HigFeb 27, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.

  • CVE-2018-7540MedFeb 27, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

  • CVE-2018-5683MedJan 23, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

  • CVE-2017-18030MedJan 23, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

  • CVE-2017-5754MedJan 4, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

  • CVE-2017-5753MedJan 4, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • CVE-2017-5715MedJan 4, 2018
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • CVE-2017-17566HigDec 12, 2017
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

  • CVE-2017-17565MedDec 12, 2017
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

  • CVE-2017-17564HigDec 12, 2017
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.

  • CVE-2017-17563HigDec 12, 2017
    affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1

    An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.

  • CVE-2017-15597CriOct 30, 2017
    affected < 4.2.5_21-45.16.1fixed 4.2.5_21-45.16.1

    An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g

Page 3 of 7