Oval Definition:oval:org.opensuse.security:def:80148
Revision Date:2014-11-27
Version:1
Title:Security update for Xen
Description:



Xen has been updated to version 4.2.5 with additional patches to fix six security issues:

* Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).
* Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867).
* Excessive checking in compatibility mode hypercall argument translation (CVE-2014-8866).
* Guest user mode triggerable VM exits not handled by hypervisor (bnc#903850).
* Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595).
* Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594).

These non-security issues have been fixed:

* Xen save/restore of HVM guests cuts off disk and networking (bnc#866902).
* Windows 2012 R2 fails to boot up with greater than 60 vcpus (bnc#882089).
* Increase limit domUloader to 32MB (bnc#901317).
* Adjust xentop column layout (bnc#896023).

Security Issues:

* CVE-2014-9030
* CVE-2014-8867
* CVE-2014-8866
* CVE-2014-8595
* CVE-2014-8594

Family:unix
Class:patch
Status:
Reference(s):866902
882089
896023
901317
903850
903967
903970
905465
905467
906439
CVE-2014-8594
CVE-2014-8595
CVE-2014-8866
CVE-2014-8867
CVE-2014-9030
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • xen-4.2.5_02-0.7.1 is installed
  • OR xen-doc-html-4.2.5_02-0.7.1 is installed
  • OR xen-doc-pdf-4.2.5_02-0.7.1 is installed
  • OR xen-kmp-default-4.2.5_02_3.0.101_0.40-0.7.1 is installed
  • OR xen-libs-4.2.5_02-0.7.1 is installed
  • OR xen-libs-32bit-4.2.5_02-0.7.1 is installed
  • OR xen-tools-4.2.5_02-0.7.1 is installed
  • OR xen-tools-domU-4.2.5_02-0.7.1 is installed