Oval Definition:oval:org.opensuse.security:def:79904
Revision Date:2012-08-05Version:1
Title:Security update for Xen and libvirt
Description:



Xen was updated to fix several security issues:

*

CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host.

*

CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was fixed.

*

CVE-2012-2625: The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash).

Also the following bug in XEN has been fixed:

* bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory

This update also included bugfixes for:

*

vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest

*

virt-manager - SLE11-SP2 ONLY

* bnc#764982 - virt-manager fails to start after upgrade to SLES11 SP2 from SLES10

Security Issue reference:

* CVE-2012-3432

Family:unixClass:patch
Status:Reference(s):746702
762484
762963
764982
766283
773393
773401
773955
CVE-2012-3432
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libvirt-0.9.6-0.21.3 is installed
  • OR libvirt-client-0.9.6-0.21.3 is installed
  • OR libvirt-client-32bit-0.9.6-0.21.3 is installed
  • OR libvirt-doc-0.9.6-0.21.3 is installed
  • OR libvirt-python-0.9.6-0.21.3 is installed
  • OR virt-manager-0.9.0-3.19.1 is installed
  • OR vm-install-0.5.10-0.5.1 is installed
  • OR xen-4.1.2_20-0.5.2 is installed
  • OR xen-doc-html-4.1.2_20-0.5.2 is installed
  • OR xen-doc-pdf-4.1.2_20-0.5.2 is installed
  • OR xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5.2 is installed
  • OR xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5.2 is installed
  • OR xen-libs-4.1.2_20-0.5.2 is installed
  • OR xen-libs-32bit-4.1.2_20-0.5.2 is installed
  • OR xen-tools-4.1.2_20-0.5.2 is installed
  • OR xen-tools-domU-4.1.2_20-0.5.2 is installed
    • BACK