Security update for xen SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:2250-1 Final 1 1 2015-12-10T13:34:20Z current 2015-12-10T13:34:20Z 2015-12-10T13:34:20Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update fixes the following security issues: - bsc#947165 - CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) - bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) - bsc#950704 - CVE-2015-7970: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html E-Mail link for openSUSE-SU-2015:2250-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.2 xen-4.4.3_04-33.1 xen-debugsource-4.4.3_04-33.1 xen-devel-4.4.3_04-33.1 xen-doc-html-4.4.3_04-33.1 xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 xen-libs-4.4.3_04-33.1 xen-libs-32bit-4.4.3_04-33.1 xen-libs-debuginfo-4.4.3_04-33.1 xen-libs-debuginfo-32bit-4.4.3_04-33.1 xen-tools-4.4.3_04-33.1 xen-tools-debuginfo-4.4.3_04-33.1 xen-tools-domU-4.4.3_04-33.1 xen-tools-domU-debuginfo-4.4.3_04-33.1 xen-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-debugsource-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-devel-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-doc-html-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 as a component of openSUSE 13.2 xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 as a component of openSUSE 13.2 xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 as a component of openSUSE 13.2 xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 as a component of openSUSE 13.2 xen-libs-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-libs-32bit-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-libs-debuginfo-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-libs-debuginfo-32bit-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-tools-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-tools-debuginfo-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-tools-domU-4.4.3_04-33.1 as a component of openSUSE 13.2 xen-tools-domU-debuginfo-4.4.3_04-33.1 as a component of openSUSE 13.2 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. CVE-2015-5307 openSUSE 13.2:xen-4.4.3_04-33.1 openSUSE 13.2:xen-debugsource-4.4.3_04-33.1 openSUSE 13.2:xen-devel-4.4.3_04-33.1 openSUSE 13.2:xen-doc-html-4.4.3_04-33.1 openSUSE 13.2:xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-libs-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-4.4.3_04-33.1 openSUSE 13.2:xen-tools-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-debuginfo-4.4.3_04-33.1 moderate 5.1 AV:A/AC:M/Au:S/C:N/I:N/A:C Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html https://www.suse.com/security/cve/CVE-2015-5307.html CVE-2015-5307 https://bugzilla.suse.com/953527 SUSE Bug 953527 https://bugzilla.suse.com/954018 SUSE Bug 954018 https://bugzilla.suse.com/954404 SUSE Bug 954404 https://bugzilla.suse.com/954405 SUSE Bug 954405 https://bugzilla.suse.com/962977 SUSE Bug 962977 libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. CVE-2015-7311 openSUSE 13.2:xen-4.4.3_04-33.1 openSUSE 13.2:xen-debugsource-4.4.3_04-33.1 openSUSE 13.2:xen-devel-4.4.3_04-33.1 openSUSE 13.2:xen-doc-html-4.4.3_04-33.1 openSUSE 13.2:xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-libs-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-4.4.3_04-33.1 openSUSE 13.2:xen-tools-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-debuginfo-4.4.3_04-33.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html https://www.suse.com/security/cve/CVE-2015-7311.html CVE-2015-7311 https://bugzilla.suse.com/947165 SUSE Bug 947165 https://bugzilla.suse.com/950367 SUSE Bug 950367 The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. CVE-2015-7835 openSUSE 13.2:xen-4.4.3_04-33.1 openSUSE 13.2:xen-debugsource-4.4.3_04-33.1 openSUSE 13.2:xen-devel-4.4.3_04-33.1 openSUSE 13.2:xen-doc-html-4.4.3_04-33.1 openSUSE 13.2:xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-libs-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-4.4.3_04-33.1 openSUSE 13.2:xen-tools-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-debuginfo-4.4.3_04-33.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html https://www.suse.com/security/cve/CVE-2015-7835.html CVE-2015-7835 https://bugzilla.suse.com/940929 SUSE Bug 940929 https://bugzilla.suse.com/947159 SUSE Bug 947159 https://bugzilla.suse.com/950367 SUSE Bug 950367 The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand. CVE-2015-7970 openSUSE 13.2:xen-4.4.3_04-33.1 openSUSE 13.2:xen-debugsource-4.4.3_04-33.1 openSUSE 13.2:xen-devel-4.4.3_04-33.1 openSUSE 13.2:xen-doc-html-4.4.3_04-33.1 openSUSE 13.2:xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-libs-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-4.4.3_04-33.1 openSUSE 13.2:xen-tools-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-debuginfo-4.4.3_04-33.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html https://www.suse.com/security/cve/CVE-2015-7970.html CVE-2015-7970 https://bugzilla.suse.com/950704 SUSE Bug 950704 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. CVE-2015-8104 openSUSE 13.2:xen-4.4.3_04-33.1 openSUSE 13.2:xen-debugsource-4.4.3_04-33.1 openSUSE 13.2:xen-devel-4.4.3_04-33.1 openSUSE 13.2:xen-doc-html-4.4.3_04-33.1 openSUSE 13.2:xen-kmp-default-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-default-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-kmp-desktop-debuginfo-4.4.3_04_k3.16.7_29-33.1 openSUSE 13.2:xen-libs-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-32bit-4.4.3_04-33.1 openSUSE 13.2:xen-libs-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-4.4.3_04-33.1 openSUSE 13.2:xen-tools-debuginfo-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-4.4.3_04-33.1 openSUSE 13.2:xen-tools-domU-debuginfo-4.4.3_04-33.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html https://www.suse.com/security/cve/CVE-2015-8104.html CVE-2015-8104 https://bugzilla.suse.com/953527 SUSE Bug 953527 https://bugzilla.suse.com/954018 SUSE Bug 954018 https://bugzilla.suse.com/954404 SUSE Bug 954404 https://bugzilla.suse.com/954405 SUSE Bug 954405 https://bugzilla.suse.com/962977 SUSE Bug 962977