rpm package
suse/xen&distro=SUSE Linux Enterprise Software Development Kit 12 SP2
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
Vulnerabilities (63)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9603 | — | < 4.7.2_04-39.1 | 4.7.2_04-39.1 | Jul 27, 2018 | A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest c | ||
| CVE-2017-2620 | — | < 4.7.1_06-31.1 | 4.7.1_06-31.1 | Jul 27, 2018 | Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro | ||
| CVE-2017-2615 | — | < 4.7.1_06-31.1 | 4.7.1_06-31.1 | Jul 2, 2018 | Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result | ||
| CVE-2018-7541 | — | < 4.7.5_02-43.27.1 | 4.7.5_02-43.27.1 | Feb 27, 2018 | An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. | ||
| CVE-2018-7540 | — | < 4.7.5_02-43.27.1 | 4.7.5_02-43.27.1 | Feb 27, 2018 | An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | ||
| CVE-2018-5683 | — | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Jan 23, 2018 | The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | ||
| CVE-2017-18030 | — | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Jan 23, 2018 | The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch. | ||
| CVE-2017-5754 | — | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. | ||
| CVE-2017-5753 | — | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||
| CVE-2017-5715 | — | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||
| CVE-2017-17566 | Hig | 7.8 | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Dec 12, 2017 | An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page. | |
| CVE-2017-17565 | Med | 5.6 | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Dec 12, 2017 | An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P. | |
| CVE-2017-17564 | Hig | 7.8 | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Dec 12, 2017 | An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode. | |
| CVE-2017-17563 | Hig | 7.8 | < 4.7.4_06-43.24.1 | 4.7.4_06-43.24.1 | Dec 12, 2017 | An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode. | |
| CVE-2017-15597 | Cri | 9.1 | < 4.7.4_02-43.21.1 | 4.7.4_02-43.21.1 | Oct 30, 2017 | An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g | |
| CVE-2017-15595 | Hig | 8.8 | < 4.7.3_06-43.15.1 | 4.7.3_06-43.15.1 | Oct 18, 2017 | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | |
| CVE-2017-15594 | Hig | 8.8 | < 4.7.3_06-43.15.1 | 4.7.3_06-43.15.1 | Oct 18, 2017 | An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging. | |
| CVE-2017-15593 | Med | 6.5 | < 4.7.3_06-43.15.1 | 4.7.3_06-43.15.1 | Oct 18, 2017 | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. | |
| CVE-2017-15592 | Hig | 8.8 | < 4.7.3_06-43.15.1 | 4.7.3_06-43.15.1 | Oct 18, 2017 | An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests. | |
| CVE-2017-15591 | Med | 6.5 | < 4.7.3_06-43.15.1 | 4.7.3_06-43.15.1 | Oct 18, 2017 | An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation. |
- CVE-2016-9603Jul 27, 2018affected < 4.7.2_04-39.1fixed 4.7.2_04-39.1
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest c
- CVE-2017-2620Jul 27, 2018affected < 4.7.1_06-31.1fixed 4.7.1_06-31.1
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro
- CVE-2017-2615Jul 2, 2018affected < 4.7.1_06-31.1fixed 4.7.1_06-31.1
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result
- CVE-2018-7541Feb 27, 2018affected < 4.7.5_02-43.27.1fixed 4.7.5_02-43.27.1
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
- CVE-2018-7540Feb 27, 2018affected < 4.7.5_02-43.27.1fixed 4.7.5_02-43.27.1
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
- CVE-2018-5683Jan 23, 2018affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
- CVE-2017-18030Jan 23, 2018affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
- CVE-2017-5754Jan 4, 2018affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
- CVE-2017-5753Jan 4, 2018affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- CVE-2017-5715Jan 4, 2018affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
- affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
- affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
- affected < 4.7.4_06-43.24.1fixed 4.7.4_06-43.24.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
- affected < 4.7.4_02-43.21.1fixed 4.7.4_02-43.21.1
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
- affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
- affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
- affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
- affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
- affected < 4.7.3_06-43.15.1fixed 4.7.3_06-43.15.1
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
Page 1 of 4