Security update for Xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:0944-1 Final 1 1 2013-03-13T11:27:38Z current 2013-03-13T11:27:38Z 2013-03-13T11:27:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Xen XEN has been updated to fix various bugs and security issues: * CVE-2013-0153: (XSA 36) To avoid an erratum in early hardware, the Xen AMD IOMMU code by default choose to use a single interrupt remapping table for the whole system. This sharing implied that any guest with a passed through PCI device that is bus mastering capable can inject interrupts into other guests, including domain 0. This has been disabled for AMD chipsets not capable of it. * CVE-2012-6075: qemu: The e1000 had overflows under some conditions, potentially corrupting memory. * CVE-2013-0154: (XSA 37) Hypervisor crash due to incorrect ASSERT (debug build only) * CVE-2012-5634: (XSA-33) A VT-d interrupt remapping source validation flaw was fixed. Also the following bugs have been fixed: * bnc#805094 - xen hot plug attach/detach fails * bnc#802690 - domain locking can prevent a live migration from completing * bnc#797014 - no way to control live migrations o fix logic error in stdiostream_progress o restore logging in xc_save o add options to control migration tunables * bnc#806736: enabling xentrace crashes hypervisor * Upstream patches from Jan 26287-sched-credit-pick-idle.patch 26501-VMX-simplify-CR0-update.patch 26502-VMX-disable-SMEP-when-not-paging.patch 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch) * bnc#798188 - Add $network to xend initscript dependencies * bnc#799694 - Unable to dvd or cdrom-boot DomU after xen-tools update Fixed with update to Xen version 4.1.4 * bnc#800156 - L3: HP iLo Generate NMI function not working in XEN kernel * Upstream patches from Jan 26404-x86-forward-both-NMI-kinds.patch 26427-x86-AMD-enable-WC+.patch * bnc#793927 - Xen VMs with more than 2 disks randomly fail to start * Upstream patches from Jan 26332-x86-compat-show-guest-stack-mfn.patch 26333-x86-get_page_type-assert.patch (Replaces CVE-2013-0154-xsa37.patch) 26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch) 26370-libxc-x86-initial-mapping-fit.patch * Update to Xen 4.1.4 c/s 23432 * Update xenpaging.guest-memusage.patch add rule for xenmem to avoid spurious build failures * Upstream patches from Jan 26179-PCI-find-next-cap.patch 26183-x86-HPET-masking.patch 26188-x86-time-scale-asm.patch 26200-IOMMU-debug-verbose.patch 26203-x86-HAP-dirty-vram-leak.patch 26229-gnttab-version-switch.patch (Replaces CVE-2012-5510-xsa26.patch) 26230-x86-HVM-limit-batches.patch (Replaces CVE-2012-5511-xsa27.patch) 26231-memory-exchange-checks.patch (Replaces CVE-2012-5513-xsa29.patch) 26232-x86-mark-PoD-error-path.patch (Replaces CVE-2012-5514-xsa30.patch) 26233-memop-order-checks.patch (Replaces CVE-2012-5515-xsa31.patch) 26235-IOMMU-ATS-max-queue-depth.patch 26272-x86-EFI-makefile-cflags-filter.patch 26294-x86-AMD-Fam15-way-access-filter.patch CVE-2013-0154-xsa37.patch * Restore c/s 25751 in 23614-x86_64-EFI-boot.patch. Modify the EFI Makefile to do additional filtering. Security Issue references: * CVE-2013-0153 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0153> * CVE-2012-6075 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075> * CVE-2012-5634 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5634> The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). slessp2-xen Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ Link for SUSE-SU-2015:0944-1 https://lists.opensuse.org/opensuse-security-announce/2015-05/msg00025.html E-Mail link for SUSE-SU-2015:0944-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/777628 SUSE Bug 777628 https://bugzilla.suse.com/789940 SUSE Bug 789940 https://bugzilla.suse.com/789944 SUSE Bug 789944 https://bugzilla.suse.com/789945 SUSE Bug 789945 https://bugzilla.suse.com/789948 SUSE Bug 789948 https://bugzilla.suse.com/789950 SUSE Bug 789950 https://bugzilla.suse.com/789951 SUSE Bug 789951 https://bugzilla.suse.com/789988 SUSE Bug 789988 https://bugzilla.suse.com/792476 SUSE Bug 792476 https://bugzilla.suse.com/793927 SUSE Bug 793927 https://bugzilla.suse.com/794316 SUSE Bug 794316 https://bugzilla.suse.com/797014 SUSE Bug 797014 https://bugzilla.suse.com/797031 SUSE Bug 797031 https://bugzilla.suse.com/797523 SUSE Bug 797523 https://bugzilla.suse.com/798188 SUSE Bug 798188 https://bugzilla.suse.com/799694 SUSE Bug 799694 https://bugzilla.suse.com/800156 SUSE Bug 800156 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/802690 SUSE Bug 802690 https://bugzilla.suse.com/805094 SUSE Bug 805094 https://bugzilla.suse.com/806736 SUSE Bug 806736 https://bugzilla.suse.com/910441 SUSE Bug 910441 https://bugzilla.suse.com/927967 SUSE Bug 927967 https://bugzilla.suse.com/929339 SUSE Bug 929339 https://www.suse.com/security/cve/CVE-2012-5510/ SUSE CVE CVE-2012-5510 page https://www.suse.com/security/cve/CVE-2012-5511/ SUSE CVE CVE-2012-5511 page https://www.suse.com/security/cve/CVE-2012-5512/ SUSE CVE CVE-2012-5512 page https://www.suse.com/security/cve/CVE-2012-5513/ SUSE CVE CVE-2012-5513 page https://www.suse.com/security/cve/CVE-2012-5514/ SUSE CVE CVE-2012-5514 page https://www.suse.com/security/cve/CVE-2012-5515/ SUSE CVE CVE-2012-5515 page https://www.suse.com/security/cve/CVE-2012-5634/ SUSE CVE CVE-2012-5634 page https://www.suse.com/security/cve/CVE-2012-6075/ SUSE CVE CVE-2012-6075 page https://www.suse.com/security/cve/CVE-2013-0153/ SUSE CVE CVE-2013-0153 page https://www.suse.com/security/cve/CVE-2015-3340/ SUSE CVE CVE-2015-3340 page https://www.suse.com/security/cve/CVE-2015-3456/ SUSE CVE CVE-2015-3456 page SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-4.1.4_02-0.5.1 xen-devel-4.1.6_08-0.11.1 xen-doc-html-4.1.4_02-0.5.1 xen-doc-pdf-4.1.4_02-0.5.1 xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 xen-libs-4.1.4_02-0.5.1 xen-libs-32bit-4.1.4_02-0.5.1 xen-tools-4.1.4_02-0.5.1 xen-tools-domU-4.1.4_02-0.5.1 xen-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-devel-4.1.6_08-0.11.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-doc-html-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-doc-pdf-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-libs-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-libs-32bit-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-tools-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-tools-domU-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 xen-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-devel-4.1.6_08-0.11.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-doc-html-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-doc-pdf-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-libs-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-libs-32bit-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-tools-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-tools-domU-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS xen-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-devel-4.1.6_08-0.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-doc-html-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-doc-pdf-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-libs-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-libs-32bit-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-tools-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 xen-tools-domU-4.1.4_02-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors. CVE-2012-5510 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5510.html CVE-2012-5510 https://bugzilla.suse.com/789945 SUSE Bug 789945 Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. CVE-2012-5511 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5511.html CVE-2012-5511 https://bugzilla.suse.com/789944 SUSE Bug 789944 Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. CVE-2012-5512 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5512.html CVE-2012-5512 https://bugzilla.suse.com/789940 SUSE Bug 789940 The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range. CVE-2012-5513 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5513.html CVE-2012-5513 https://bugzilla.suse.com/789951 SUSE Bug 789951 The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors. CVE-2012-5514 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5514.html CVE-2012-5514 https://bugzilla.suse.com/789948 SUSE Bug 789948 https://bugzilla.suse.com/789988 SUSE Bug 789988 The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. CVE-2012-5515 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5515.html CVE-2012-5515 https://bugzilla.suse.com/789950 SUSE Bug 789950 Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt. CVE-2012-5634 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-5634.html CVE-2012-5634 https://bugzilla.suse.com/794316 SUSE Bug 794316 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/840592 SUSE Bug 840592 Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. CVE-2012-6075 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2012-6075.html CVE-2012-6075 https://bugzilla.suse.com/797523 SUSE Bug 797523 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/840592 SUSE Bug 840592 The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. CVE-2013-0153 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2013-0153.html CVE-2013-0153 https://bugzilla.suse.com/800275 SUSE Bug 800275 https://bugzilla.suse.com/800802 SUSE Bug 800802 https://bugzilla.suse.com/840592 SUSE Bug 840592 Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. CVE-2015-3340 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2015-3340.html CVE-2015-3340 https://bugzilla.suse.com/927967 SUSE Bug 927967 https://bugzilla.suse.com/929339 SUSE Bug 929339 The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. CVE-2015-3456 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2-LTSS:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-devel-4.1.6_08-0.11.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-html-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-doc-pdf-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-32bit-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-libs-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-4.1.4_02-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:xen-tools-domU-4.1.4_02-0.5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1/ https://www.suse.com/security/cve/CVE-2015-3456.html CVE-2015-3456 https://bugzilla.suse.com/929339 SUSE Bug 929339 https://bugzilla.suse.com/932770 SUSE Bug 932770 https://bugzilla.suse.com/935900 SUSE Bug 935900