suse/xen&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

Vulnerabilities (63)

• CVE-2016-7777MedOct 7, 2016
  affected < 4.7.1_02-25.1fixed 4.7.1_02-25.1

  Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emul

• CVE-2016-7909MedOct 5, 2016
  affected < 4.7.1_02-25.1fixed 4.7.1_02-25.1

  The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.

• CVE-2016-7908MedOct 5, 2016
  affected < 4.7.1_02-25.1fixed 4.7.1_02-25.1

  The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors in