
Test ID: 1.3.6.1.4.1.25623.1.0.851269
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for xen (openSUSE-SU-2016:0995-1)
Summary: The remote host is missing an update for the 'xen' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'xen'
package(s) announced via the referenced advisory.

Vulnerability Insight:
xen was updated to version 4.4.4 to fix 33 security issues.

These security issues were fixed:

- CVE-2016-2392: NULL pointer dereference in remote NDIS control message
handling (bsc#967012).

- CVE-2015-5239: Integer overflow in vnc_client_read() and
protocol_client_msg() (bsc#944463).

- CVE-2016-2270: Xen allowed local guest administrators to cause a denial
of service (host reboot) via vectors related to multiple mappings of
MMIO pages with different cachability settings (boo#965315).

- CVE-2016-2538: Integer overflow in remote NDIS control message handling
(bsc#967969).

- CVE-2015-7512: Buffer overflow in the pcnet_receive function in
hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote
attackers to cause a denial of service (guest OS crash) or execute
arbitrary code via a large packet (boo#962360).

- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed
local guest users to write to qemu memory locations and gain privileges
via unspecified parameters related to rectangle handling (boo#962611).

- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).

- CVE-2016-1568: AHCI use-after-free vulnerability in aio port commands
(bsc#961332).

- CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov
routines (bsc#963782).

- CVE-2016-2198: EHCI NULL pointer dereference in ehci_caps_write
(bsc#964413).

- CVE-2015-6815: e1000: infinite loop issue (bsc#944697).

- CVE-2014-0222: Integer overflow in the qcow_open function in
block/qcow.c allowed remote attackers to cause a denial of service
(crash) via a large L2 table in a QCOW version 1 image (boo#964925).

- CVE-2015-6855: hw/ide/core.c did not properly restrict the commands
accepted by an ATAPI device, which allowed guest users to cause a denial
of service or possibly have unspecified other impact via certain IDE
commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty
drive, which triggers a divide-by-zero error and instance crash
(boo#965156).

- CVE-2016-2271: VMX, when using an Intel or Cyrix CPU, allowed local HVM
guest users to cause a denial of service (guest crash) via vectors
related to a non-canonical RIP (boo#965317).

- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote
attackers to cause a denial of service or possibly execute arbitrary
code via vectors related to IRQDest elements (boo#964452).

- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed
remote attackers to execute arbitrary code via a crafted arglen value in
a savevm image (boo#962642).

- ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
xen on openSUSE 13.2

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2013-4529
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
RedHat Security Advisories: RHSA-2014:0927
http://rhn.redhat.com/errata/RHSA-2014-0927.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4530
Common Vulnerability Exposure (CVE) ID: CVE-2013-4533
Common Vulnerability Exposure (CVE) ID: CVE-2013-4534
Common Vulnerability Exposure (CVE) ID: CVE-2013-4537
Common Vulnerability Exposure (CVE) ID: CVE-2013-4538
Common Vulnerability Exposure (CVE) ID: CVE-2013-4539
Common Vulnerability Exposure (CVE) ID: CVE-2014-0222
BugTraq ID: 67357
http://www.securityfocus.com/bid/67357
Debian Security Information: DSA-3044
http://www.debian.org/security/2014/dsa-3044
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
SuSE Security Announcement: SUSE-SU-2015:0929
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
SuSE Security Announcement: openSUSE-SU-2015:1965
http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3689
Debian Security Information: DSA-3066
http://www.debian.org/security/2014/dsa-3066
Debian Security Information: DSA-3067
http://www.debian.org/security/2014/dsa-3067
https://www.mail-archive.com/qemu-devel@nongnu.org/msg261580.html
http://www.osvdb.org/114397
http://secunia.com/advisories/60923
http://secunia.com/advisories/62143
http://secunia.com/advisories/62144
http://www.ubuntu.com/usn/USN-2409-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7815
RedHat Security Advisories: RHSA-2015:0349
http://rhn.redhat.com/errata/RHSA-2015-0349.html
RedHat Security Advisories: RHSA-2015:0624
http://rhn.redhat.com/errata/RHSA-2015-0624.html
http://secunia.com/advisories/61484
SuSE Security Announcement: SUSE-SU-2015:1782
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9718
BugTraq ID: 73316
http://www.securityfocus.com/bid/73316
Debian Security Information: DSA-3259
http://www.debian.org/security/2015/dsa-3259
http://openwall.com/lists/oss-security/2015/04/20/7
Common Vulnerability Exposure (CVE) ID: CVE-2015-1779
BugTraq ID: 73303
http://www.securityfocus.com/bid/73303
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155196.html
https://security.gentoo.org/glsa/201602-01
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04896.html
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04895.html
http://www.openwall.com/lists/oss-security/2015/03/24/9
http://www.openwall.com/lists/oss-security/2015/04/09/6
RedHat Security Advisories: RHSA-2015:1931
http://rhn.redhat.com/errata/RHSA-2015-1931.html
RedHat Security Advisories: RHSA-2015:1943
http://rhn.redhat.com/errata/RHSA-2015-1943.html
http://www.securitytracker.com/id/1033975
SuSE Security Announcement: SUSE-SU-2015:0870
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00033.html
SuSE Security Announcement: SUSE-SU-2015:0896
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html
http://www.ubuntu.com/usn/USN-2608-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5239
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html
http://www.openwall.com/lists/oss-security/2015/09/02/7
http://www.ubuntu.com/usn/USN-2745-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5278
http://www.openwall.com/lists/oss-security/2015/09/15/2
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-6815
http://www.openwall.com/lists/oss-security/2015/09/04/4
http://www.openwall.com/lists/oss-security/2015/09/05/5
https://bugzilla.redhat.com/show_bug.cgi?id=1260076
Common Vulnerability Exposure (CVE) ID: CVE-2015-6855
BugTraq ID: 76691
http://www.securityfocus.com/bid/76691
Debian Security Information: DSA-3361
http://www.debian.org/security/2015/dsa-3361
Debian Security Information: DSA-3362
http://www.debian.org/security/2015/dsa-3362
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167369.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169327.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169341.html
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg02479.html
http://www.openwall.com/lists/oss-security/2015/09/10/1
http://www.openwall.com/lists/oss-security/2015/09/10/2
Common Vulnerability Exposure (CVE) ID: CVE-2015-7512
BugTraq ID: 78230
http://www.securityfocus.com/bid/78230
Debian Security Information: DSA-3469
http://www.debian.org/security/2016/dsa-3469
Debian Security Information: DSA-3470
http://www.debian.org/security/2016/dsa-3470
Debian Security Information: DSA-3471
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2015/11/30/3
RedHat Security Advisories: RHSA-2015:2694
http://rhn.redhat.com/errata/RHSA-2015-2694.html
RedHat Security Advisories: RHSA-2015:2695
http://rhn.redhat.com/errata/RHSA-2015-2695.html
RedHat Security Advisories: RHSA-2015:2696
http://rhn.redhat.com/errata/RHSA-2015-2696.html
http://www.securitytracker.com/id/1034527
Common Vulnerability Exposure (CVE) ID: CVE-2015-8345
BugTraq ID: 77985
http://www.securityfocus.com/bid/77985
http://www.openwall.com/lists/oss-security/2015/11/25/11
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8613
BugTraq ID: 79719
http://www.securityfocus.com/bid/79719
https://security.gentoo.org/glsa/201604-01
http://www.openwall.com/lists/oss-security/2015/12/22/1
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8619
BugTraq ID: 79668
http://www.securityfocus.com/bid/79668
http://www.openwall.com/lists/oss-security/2015/12/23/1
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8743
BugTraq ID: 79820
http://www.securityfocus.com/bid/79820
http://www.openwall.com/lists/oss-security/2016/01/04/1
http://www.openwall.com/lists/oss-security/2016/01/04/2
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00050.html
http://www.securitytracker.com/id/1034574
Common Vulnerability Exposure (CVE) ID: CVE-2015-8744
BugTraq ID: 79821
http://www.securityfocus.com/bid/79821
http://www.openwall.com/lists/oss-security/2016/01/04/3
http://www.openwall.com/lists/oss-security/2016/01/04/6
http://www.securitytracker.com/id/1034576
Common Vulnerability Exposure (CVE) ID: CVE-2015-8745
BugTraq ID: 79822
http://www.securityfocus.com/bid/79822
http://www.openwall.com/lists/oss-security/2016/01/04/4
http://www.openwall.com/lists/oss-security/2016/01/04/7
http://www.securitytracker.com/id/1034575
Common Vulnerability Exposure (CVE) ID: CVE-2016-1568
BugTraq ID: 80191
http://www.securityfocus.com/bid/80191
http://www.openwall.com/lists/oss-security/2016/01/09/1
http://www.openwall.com/lists/oss-security/2016/01/09/2
RedHat Security Advisories: RHSA-2016:0084
http://rhn.redhat.com/errata/RHSA-2016-0084.html
RedHat Security Advisories: RHSA-2016:0086
http://rhn.redhat.com/errata/RHSA-2016-0086.html
RedHat Security Advisories: RHSA-2016:0087
http://rhn.redhat.com/errata/RHSA-2016-0087.html
RedHat Security Advisories: RHSA-2016:0088
http://rhn.redhat.com/errata/RHSA-2016-0088.html
http://www.securitytracker.com/id/1034859
Common Vulnerability Exposure (CVE) ID: CVE-2016-1570
Debian Security Information: DSA-3519
http://www.debian.org/security/2016/dsa-3519
http://www.securitytracker.com/id/1034744
Common Vulnerability Exposure (CVE) ID: CVE-2016-1571
http://www.securitytracker.com/id/1034745
Common Vulnerability Exposure (CVE) ID: CVE-2016-1714
BugTraq ID: 80250
http://www.securityfocus.com/bid/80250
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.html
http://www.openwall.com/lists/oss-security/2016/01/11/7
http://www.openwall.com/lists/oss-security/2016/01/12/10
http://www.openwall.com/lists/oss-security/2016/01/12/11
RedHat Security Advisories: RHSA-2016:0081
http://rhn.redhat.com/errata/RHSA-2016-0081.html
RedHat Security Advisories: RHSA-2016:0082
http://rhn.redhat.com/errata/RHSA-2016-0082.html
RedHat Security Advisories: RHSA-2016:0083
http://rhn.redhat.com/errata/RHSA-2016-0083.html
RedHat Security Advisories: RHSA-2016:0085
http://rhn.redhat.com/errata/RHSA-2016-0085.html
http://www.securitytracker.com/id/1034858
Common Vulnerability Exposure (CVE) ID: CVE-2016-1981
BugTraq ID: 81549
http://www.securityfocus.com/bid/81549
http://www.openwall.com/lists/oss-security/2016/01/19/10
http://www.openwall.com/lists/oss-security/2016/01/22/1
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html
RedHat Security Advisories: RHSA-2016:2585
http://rhn.redhat.com/errata/RHSA-2016-2585.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2198
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
http://www.openwall.com/lists/oss-security/2016/01/29/6
http://www.openwall.com/lists/oss-security/2016/01/30/2
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg05899.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2270
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html
https://security.gentoo.org/glsa/201604-03
http://www.securitytracker.com/id/1035042
Common Vulnerability Exposure (CVE) ID: CVE-2016-2271
http://www.securitytracker.com/id/1035043
Common Vulnerability Exposure (CVE) ID: CVE-2016-2392
BugTraq ID: 83274
http://www.securityfocus.com/bid/83274
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/02/16/7
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
http://www.ubuntu.com/usn/USN-2974-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2538
BugTraq ID: 83336
http://www.securityfocus.com/bid/83336
http://www.openwall.com/lists/oss-security/2016/02/22/3
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html
Copyright: Copyright (C) 2016 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.