rpm package

suse/xen&distro=SUSE OpenStack Cloud 6

pkg:rpm/suse/xen&distro=SUSE%20OpenStack%20Cloud%206

Vulnerabilities (52)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-8897		—	< 4.5.5_24-22.46.1	4.5.5_24-22.46.1	May 8, 2018	A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP
CVE-2018-10472		—	< 4.5.5_24-22.46.1	4.5.5_24-22.46.1	Apr 27, 2018	An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
CVE-2018-10471		—	< 4.5.5_24-22.46.1	4.5.5_24-22.46.1	Apr 27, 2018	An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
CVE-2018-7550		—	< 4.5.5_24-22.46.1	4.5.5_24-22.46.1	Mar 1, 2018	The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
CVE-2018-5683		—	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Jan 23, 2018	The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2017-18030		—	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Jan 23, 2018	The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754		—	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753		—	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715		—	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566	Hig	7.8	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565	Med	5.6	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564	Hig	7.8	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563	Hig	7.8	< 4.5.5_24-22.43.1	4.5.5_24-22.43.1	Dec 12, 2017	An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597	Cri	9.1	< 4.5.5_20-22.36.3	4.5.5_20-22.36.3	Oct 30, 2017	An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595	Hig	8.8	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594	Hig	8.8	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593	Med	6.5	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592	Hig	8.8	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15591	Med	6.5	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
CVE-2017-15590	Hig	8.8	< 4.5.5_18-22.31.1	4.5.5_18-22.31.1	Oct 18, 2017	An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

CVE-2018-8897May 8, 2018
affected < 4.5.5_24-22.46.1fixed 4.5.5_24-22.46.1
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP
CVE-2018-10472Apr 27, 2018
affected < 4.5.5_24-22.46.1fixed 4.5.5_24-22.46.1
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
CVE-2018-10471Apr 27, 2018
affected < 4.5.5_24-22.46.1fixed 4.5.5_24-22.46.1
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
CVE-2018-7550Mar 1, 2018
affected < 4.5.5_24-22.46.1fixed 4.5.5_24-22.46.1
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
CVE-2018-5683Jan 23, 2018
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2017-18030Jan 23, 2018
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
CVE-2017-5754Jan 4, 2018
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753Jan 4, 2018
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715Jan 4, 2018
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17566HigDec 12, 2017
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
CVE-2017-17565MedDec 12, 2017
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
CVE-2017-17564HigDec 12, 2017
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
CVE-2017-17563HigDec 12, 2017
affected < 4.5.5_24-22.43.1fixed 4.5.5_24-22.43.1
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
CVE-2017-15597CriOct 30, 2017
affected < 4.5.5_20-22.36.3fixed 4.5.5_20-22.36.3
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a g
CVE-2017-15595HigOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
CVE-2017-15594HigOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
CVE-2017-15593MedOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
CVE-2017-15592HigOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15591MedOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
CVE-2017-15590HigOct 18, 2017
affected < 4.5.5_18-22.31.1fixed 4.5.5_18-22.31.1
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

Page 1 of 3