rpm package

suse/xen&distro=SUSE Linux Enterprise Server 11 SP3-LTSS

pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS

Vulnerabilities (136)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-18030		—	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Jan 23, 2018	The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754		—	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753		—	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715		—	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566	Hig	7.8	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565	Med	5.6	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564	Hig	7.8	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563	Hig	7.8	< 4.2.5_21-45.19.1	4.2.5_21-45.19.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597	Cri	9.1	< 4.2.5_21-45.16.1	4.2.5_21-45.16.1	Oct 30, 2017	An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595	Hig	8.8	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594	Hig	8.8	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593	Med	6.5	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592	Hig	8.8	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15590	Hig	8.8	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
CVE-2017-15589	Med	6.5	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
CVE-2017-15588	Hig	7.8	< 4.2.5_21-45.11.1	4.2.5_21-45.11.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
CVE-2017-15289	Med	6.0	< 4.2.5_21-45.16.1	4.2.5_21-45.16.1	Oct 16, 2017	The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
CVE-2017-14319	Hig	8.8	< 4.2.5_21-45.8.1	4.2.5_21-45.8.1	Sep 12, 2017	A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neit
CVE-2017-14317	Med	5.6	< 4.2.5_21-45.8.1	4.2.5_21-45.8.1	Sep 12, 2017	A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on
CVE-2017-14316	Hig	8.8	< 4.2.5_21-45.8.1	4.2.5_21-45.8.1	Sep 12, 2017	A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the

CVE-2017-18030Jan 23, 2018
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754Jan 4, 2018
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753Jan 4, 2018
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715Jan 4, 2018
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566HigDec 12, 2017
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565MedDec 12, 2017
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564HigDec 12, 2017
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563HigDec 12, 2017
affected < 4.2.5_21-45.19.1fixed 4.2.5_21-45.19.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597CriOct 30, 2017
affected < 4.2.5_21-45.16.1fixed 4.2.5_21-45.16.1
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595HigOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594HigOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593MedOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592HigOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15590HigOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
CVE-2017-15589MedOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
CVE-2017-15588HigOct 18, 2017
affected < 4.2.5_21-45.11.1fixed 4.2.5_21-45.11.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
CVE-2017-15289MedOct 16, 2017
affected < 4.2.5_21-45.16.1fixed 4.2.5_21-45.16.1
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
CVE-2017-14319HigSep 12, 2017
affected < 4.2.5_21-45.8.1fixed 4.2.5_21-45.8.1
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neit
CVE-2017-14317MedSep 12, 2017
affected < 4.2.5_21-45.8.1fixed 4.2.5_21-45.8.1
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on
CVE-2017-14316HigSep 12, 2017
affected < 4.2.5_21-45.8.1fixed 4.2.5_21-45.8.1
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the

Page 2 of 7