rpm package

suse/xen&distro=SUSE Linux Enterprise Desktop 12 SP2

pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Vulnerabilities (63)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-9603		—	< 4.7.2_04-39.1	4.7.2_04-39.1	Jul 27, 2018	A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest c
CVE-2017-2620		—	< 4.7.1_06-31.1	4.7.1_06-31.1	Jul 27, 2018	Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro
CVE-2017-2615		—	< 4.7.1_06-31.1	4.7.1_06-31.1	Jul 2, 2018	Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result
CVE-2018-7541		—	< 4.7.5_02-43.27.1	4.7.5_02-43.27.1	Feb 27, 2018	An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
CVE-2018-7540		—	< 4.7.5_02-43.27.1	4.7.5_02-43.27.1	Feb 27, 2018	An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
CVE-2018-5683		—	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Jan 23, 2018	The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2017-18030		—	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Jan 23, 2018	The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754		—	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753		—	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715		—	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566	Hig	7.8	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565	Med	5.6	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564	Hig	7.8	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563	Hig	7.8	< 4.7.4_06-43.24.1	4.7.4_06-43.24.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597	Cri	9.1	< 4.7.4_02-43.21.1	4.7.4_02-43.21.1	Oct 30, 2017	An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595	Hig	8.8	< 4.7.3_06-43.15.1	4.7.3_06-43.15.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594	Hig	8.8	< 4.7.3_06-43.15.1	4.7.3_06-43.15.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593	Med	6.5	< 4.7.3_06-43.15.1	4.7.3_06-43.15.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592	Hig	8.8	< 4.7.3_06-43.15.1	4.7.3_06-43.15.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15591	Med	6.5	< 4.7.3_06-43.15.1	4.7.3_06-43.15.1	Oct 18, 2017	An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.

CVE-2016-9603Jul 27, 2018
affected < 4.7.2_04-39.1fixed 4.7.2_04-39.1
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest c
CVE-2017-2620Jul 27, 2018
affected < 4.7.1_06-31.1fixed 4.7.1_06-31.1
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro
CVE-2017-2615Jul 2, 2018
affected < 4.7.1_06-31.1fixed 4.7.1_06-31.1
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result
CVE-2018-7541Feb 27, 2018
affected < 4.7.5_02-43.27.1fixed 4.7.5_02-43.27.1
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
CVE-2018-7540Feb 27, 2018
affected < 4.7.5_02-43.27.1fixed 4.7.5_02-43.27.1
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
CVE-2018-5683Jan 23, 2018
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2017-18030Jan 23, 2018
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754Jan 4, 2018
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753Jan 4, 2018
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715Jan 4, 2018
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566HigDec 12, 2017
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565MedDec 12, 2017
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564HigDec 12, 2017
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563HigDec 12, 2017
affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597CriOct 30, 2017
affected < 4.7.4_02-43.21.1fixed 4.7.4_02-43.21.1
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595HigOct 18, 2017
affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594HigOct 18, 2017
affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593MedOct 18, 2017
affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592HigOct 18, 2017
affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15591MedOct 18, 2017
affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.

Page 1 of 4