SuSE Local Security Checks : openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.850386
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)
Zusammenfassung:	The remote host is missing an update for the 'xen'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xen' package(s) announced via the referenced advisory. Vulnerability Insight: XEN was updated to fix various denial of service issues. - bnc#789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26) - bnc#789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27) - bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28) - bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29) - bnc#789948 - CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30) - bnc#789950 - CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31) - bnc#789988 - FATAL PAGE FAULT in hypervisor (arch_do_domctl) - Upstream patches from Jan 26132-tmem-save-NULL-check.patch 26134-x86-shadow-invlpg-check.patch 26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch) 26149-x86-p2m-physmap-error-path.patch (Replaces CVE-2012-4537-xsa22.patch) 26150-x86-shadow-unhook-toplevel-check.patch (Replaces CVE-2012-4538-xsa23.patch) - bnc#777628 - guest 'disappears' after live migration Updated block-dmmd script - Fix exception in balloon.py and osdep.py xen-max-free-mem.diff - bnc#792476 - efi files missing in latest XEN update Revert c/s 25751 EFI Makefile changes in 23614-x86_64-EFI-boot.patch Affected Software/OS: xen on openSUSE 12.1 Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5510 BugTraq ID: 56794 http://www.securityfocus.com/bid/56794 Debian Security Information: DSA-2582 (Google Search) http://www.debian.org/security/2012/dsa-2582 http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.openwall.com/lists/oss-security/2012/12/03/6 http://www.osvdb.org/88128 http://secunia.com/advisories/51397 http://secunia.com/advisories/51468 http://secunia.com/advisories/51486 http://secunia.com/advisories/51487 http://secunia.com/advisories/55082 SuSE Security Announcement: SUSE-SU-2012:1615 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SuSE Security Announcement: openSUSE-SU-2012:1685 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html SuSE Security Announcement: openSUSE-SU-2012:1687 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html SuSE Security Announcement: openSUSE-SU-2013:0133 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html SuSE Security Announcement: openSUSE-SU-2013:0636 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html SuSE Security Announcement: openSUSE-SU-2013:0637 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html XForce ISS Database: xen-grant-table-dos(80478) https://exchange.xforce.ibmcloud.com/vulnerabilities/80478 Common Vulnerability Exposure (CVE) ID: CVE-2012-5511 BugTraq ID: 56796 http://www.securityfocus.com/bid/56796 Debian Security Information: DSA-2636 (Google Search) http://www.debian.org/security/2013/dsa-2636 http://www.openwall.com/lists/oss-security/2012/12/03/10 http://www.osvdb.org/88129 XForce ISS Database: xen-hvm-dos(80484) https://exchange.xforce.ibmcloud.com/vulnerabilities/80484 Common Vulnerability Exposure (CVE) ID: CVE-2012-5512 BugTraq ID: 56799 http://www.securityfocus.com/bid/56799 http://www.openwall.com/lists/oss-security/2012/12/03/7 http://www.osvdb.org/88132 XForce ISS Database: xen-hvmopsetmemaccess-dos(80481) https://exchange.xforce.ibmcloud.com/vulnerabilities/80481 Common Vulnerability Exposure (CVE) ID: CVE-2012-5513 BugTraq ID: 56797 http://www.securityfocus.com/bid/56797 http://www.openwall.com/lists/oss-security/2012/12/03/11 http://www.osvdb.org/88131 RedHat Security Advisories: RHSA-2012:1540 http://rhn.redhat.com/errata/RHSA-2012-1540.html http://secunia.com/advisories/51495 SuSE Security Announcement: SUSE-SU-2012:1606 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00000.html SuSE Security Announcement: SUSE-SU-2014:0470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html XForce ISS Database: xen-xenmemexchange-priv-esc(80482) https://exchange.xforce.ibmcloud.com/vulnerabilities/80482 Common Vulnerability Exposure (CVE) ID: CVE-2012-5514 BugTraq ID: 56803 http://www.securityfocus.com/bid/56803 http://www.openwall.com/lists/oss-security/2012/12/03/12 http://www.osvdb.org/88130 XForce ISS Database: xen-guestphysmapmark-dos(80483) https://exchange.xforce.ibmcloud.com/vulnerabilities/80483 Common Vulnerability Exposure (CVE) ID: CVE-2012-5515 BugTraq ID: 56798 http://www.securityfocus.com/bid/56798 http://lists.xen.org/archives/html/xen-announce/2012-12/msg00001.html http://www.openwall.com/lists/oss-security/2012/12/03/9 http://www.osvdb.org/88127 XForce ISS Database: xen-extentorder-dos(80479) https://exchange.xforce.ibmcloud.com/vulnerabilities/80479 Common Vulnerability Exposure (CVE) ID: CVE-2012-4535 BugTraq ID: 56498 http://www.securityfocus.com/bid/56498 https://security.gentoo.org/glsa/201604-03 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00001.html http://www.openwall.com/lists/oss-security/2012/11/13/1 http://osvdb.org/87298 http://www.securitytracker.com/id?1027759 http://secunia.com/advisories/51200 http://secunia.com/advisories/51324 http://secunia.com/advisories/51352 http://secunia.com/advisories/51413 SuSE Security Announcement: SUSE-SU-2012:1486 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html SuSE Security Announcement: SUSE-SU-2012:1487 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html SuSE Security Announcement: openSUSE-SU-2012:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html XForce ISS Database: xen-vcpu-dos(80022) https://exchange.xforce.ibmcloud.com/vulnerabilities/80022 Common Vulnerability Exposure (CVE) ID: CVE-2012-4537 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00005.html http://www.openwall.com/lists/oss-security/2012/11/13/6 http://osvdb.org/87307 http://www.securitytracker.com/id?1027761 XForce ISS Database: xen-setp2mentry-dos(80024) https://exchange.xforce.ibmcloud.com/vulnerabilities/80024 Common Vulnerability Exposure (CVE) ID: CVE-2012-4538 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00004.html http://www.openwall.com/lists/oss-security/2012/11/13/3 http://osvdb.org/87306 http://www.securitytracker.com/id?1027762 XForce ISS Database: xen-hvmop-dos(80025) https://exchange.xforce.ibmcloud.com/vulnerabilities/80025
Copyright	Copyright (C) 2013 Greenbone Networks GmbH