SuSE Local Security Checks : openSUSE: Security Advisory for XEN (openSUSE-SU-2012:1572-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.850374
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for XEN (openSUSE-SU-2012:1572-1)
Zusammenfassung:	The remote host is missing an update for the 'XEN'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'XEN' package(s) announced via the referenced advisory. Vulnerability Insight: This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc#787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk (XSA 25) CVE-2012-4544-xsa25.patch - bnc#779212 - CVE-2012-4411: XEN / qemu: guest administrator can access qemu monitor console (XSA-19) CVE-2012-4411-xsa19.patch - bnc#786516 - CVE-2012-4535: xen: Timer overflow DoS vulnerability CVE-2012-4535-xsa20.patch - bnc#786518 - CVE-2012-4536: xen: pirq range check DoS vulnerability CVE-2012-4536-xsa21.patch - bnc#786517 - CVE-2012-4537: xen: Memory mapping failure DoS vulnerability CVE-2012-4537-xsa22.patch - bnc#786519 - CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability CVE-2012-4538-xsa23.patch - bnc#786520 - CVE-2012-4539: xen: Grant table hypercall infinite loop DoS vulnerability CVE-2012-4539-xsa24.patch - bnc#784087 - L3: Xen BUG at io_apic.c:129 26102-x86-IOAPIC-legacy-not-first.patch - Upstream patches from Jan 26054-x86-AMD-perf-ctr-init.patch 26055-x86-oprof-hvm-mode.patch 26056-page-alloc-flush-filter.patch 26061-x86-oprof-counter-range.patch 26062-ACPI-ERST-move-data.patch 26063-x86-HPET-affinity-lock.patch 26093-HVM-PoD-grant-mem-type.patch - Upstream patches from Jan 25931-x86-domctl-iomem-mapping-checks.patch 25952-x86-MMIO-remap-permissions.patch - Upstream patches from Jan 25808-domain_create-return-value.patch 25814-x86_64-set-debugreg-guest.patch 25815-x86-PoD-no-bug-in-non-translated.patch 25816-x86-hvm-map-pirq-range-check.patch 25833-32on64-bogus-pt_base-adjust.patch 25834-x86-S3-MSI-resume.patch 25835-adjust-rcu-lock-domain.patch 25836-VT-d-S3-MSI-resume.patch 25850-tmem-xsa-15-1.patch 25851-tmem-xsa-15-2.patch 25852-tmem-xsa-15-3.patch 25853-tmem-xsa-15-4.patch 25854-tmem-xsa-15-5.patch 25855-tmem-xsa-15-6.patch 25856-tmem-xsa-15-7.patch 25857-tmem-xsa-15-8.patch 25858-tmem-xsa-15-9.patch 25859-tmem-missing-break.patch 25860-tmem-cleanup.patch 25883-pt-MSI-cleanup.patch 25927-x86-domctl-ioport-mapping-range.patch 25929-tmem-restore-pool-version.patch - bnc#778105 - first XEN-PV VM fails to spawn xend: Increase wait time for disk to appear in host bootloader Modified existing xen-domUloader.diff - Upstream patches from Jan 25752-ACPI-pm-op-valid-cpu.patch 25754-x86-PoD-early-access.patch 25755-x86-PoD-types.patch 25756-x86-MMIO-max-mapped-pfn.patch 25757-x86-EPT-PoD-1Gb-assert.patch 25764-x86-unknown-cpu-no-sysenter.patch 25765-x86_64-allow-unsafe-adjust.patch 25771-grant ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: XEN on openSUSE 12.1 Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0998 BugTraq ID: 22967 http://www.securityfocus.com/bid/22967 http://fedoranews.org/cms/node/2803 http://fedoranews.org/cms/node/2802 http://osvdb.org/34304 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486 RedHat Security Advisories: RHSA-2007:0114 http://rhn.redhat.com/errata/RHSA-2007-0114.html http://www.securitytracker.com/id?1017764 http://secunia.com/advisories/24575 http://secunia.com/advisories/51413 SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SuSE Security Announcement: openSUSE-SU-2012:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://www.vupen.com/english/advisories/2007/1019 http://www.vupen.com/english/advisories/2007/1020 http://www.vupen.com/english/advisories/2007/1021 XForce ISS Database: fedora-xen-qemuvnc-information-disclosure(33085) https://exchange.xforce.ibmcloud.com/vulnerabilities/33085 Common Vulnerability Exposure (CVE) ID: CVE-2012-2625 BugTraq ID: 53650 http://www.securityfocus.com/bid/53650 http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1817 http://www.openwall.com/lists/oss-security/2012/10/26/3 RedHat Security Advisories: RHSA-2012:1130 http://rhn.redhat.com/errata/RHSA-2012-1130.html http://www.securitytracker.com/id?1027090 http://secunia.com/advisories/49184 SuSE Security Announcement: SUSE-SU-2012:1043 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html SuSE Security Announcement: SUSE-SU-2012:1044 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html SuSE Security Announcement: SUSE-SU-2012:1135 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html SuSE Security Announcement: openSUSE-SU-2012:1172 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1174 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2934 BugTraq ID: 53961 http://www.securityfocus.com/bid/53961 Debian Security Information: DSA-2501 (Google Search) http://www.debian.org/security/2012/dsa-2501 http://security.gentoo.org/glsa/glsa-201309-24.xml http://support.amd.com/us/Processor_TechDocs/25759.pdf http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html http://secunia.com/advisories/55082 Common Vulnerability Exposure (CVE) ID: CVE-2012-3494 BugTraq ID: 55400 http://www.securityfocus.com/bid/55400 Debian Security Information: DSA-2544 (Google Search) http://www.debian.org/security/2012/dsa-2544 https://security.gentoo.org/glsa/201604-03 http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=851139 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html http://www.openwall.com/lists/oss-security/2012/09/05/5 http://osvdb.org/85197 http://www.securitytracker.com/id?1027479 http://secunia.com/advisories/50472 http://secunia.com/advisories/50530 SuSE Security Announcement: SUSE-SU-2012:1129 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html SuSE Security Announcement: SUSE-SU-2012:1132 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html SuSE Security Announcement: SUSE-SU-2012:1133 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html SuSE Security Announcement: SUSE-SU-2012:1162 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html XForce ISS Database: xen-setdebugreg-dos(78265) https://exchange.xforce.ibmcloud.com/vulnerabilities/78265 Common Vulnerability Exposure (CVE) ID: CVE-2012-3495 BugTraq ID: 55406 http://www.securityfocus.com/bid/55406 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html http://www.openwall.com/lists/oss-security/2012/09/05/6 http://www.securitytracker.com/id?1027480 Common Vulnerability Exposure (CVE) ID: CVE-2012-3496 BugTraq ID: 55412 http://www.securityfocus.com/bid/55412 https://bugzilla.redhat.com/show_bug.cgi?id=854590 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html http://www.openwall.com/lists/oss-security/2012/09/05/7 http://www.osvdb.org/85200 http://securitytracker.com/id?1027481 XForce ISS Database: xen-xenmempopulatephysmap-dos(78267) https://exchange.xforce.ibmcloud.com/vulnerabilities/78267 Common Vulnerability Exposure (CVE) ID: CVE-2012-3497 BugTraq ID: 55410 http://www.securityfocus.com/bid/55410 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://www.openwall.com/lists/oss-security/2012/09/05/8 http://osvdb.org/85199 http://www.securitytracker.com/id?1027482 http://secunia.com/advisories/51324 http://secunia.com/advisories/51352 SuSE Security Announcement: SUSE-SU-2012:1486 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html SuSE Security Announcement: SUSE-SU-2012:1487 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html XForce ISS Database: xen-tmem-priv-esc(78268) https://exchange.xforce.ibmcloud.com/vulnerabilities/78268 Common Vulnerability Exposure (CVE) ID: CVE-2012-3498 BugTraq ID: 55414 http://www.securityfocus.com/bid/55414 https://bugzilla.redhat.com/show_bug.cgi?id=851193 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html http://www.openwall.com/lists/oss-security/2012/09/05/9 http://osvdb.org/85198 http://securitytracker.com/id?1027483 XForce ISS Database: xen-physdevopmappirq-dos(78269) https://exchange.xforce.ibmcloud.com/vulnerabilities/78269 Common Vulnerability Exposure (CVE) ID: CVE-2012-3515 BugTraq ID: 55413 http://www.securityfocus.com/bid/55413 Debian Security Information: DSA-2543 (Google Search) http://www.debian.org/security/2012/dsa-2543 Debian Security Information: DSA-2545 (Google Search) http://www.debian.org/security/2012/dsa-2545 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html http://www.openwall.com/lists/oss-security/2012/09/05/10 RedHat Security Advisories: RHSA-2012:1233 http://rhn.redhat.com/errata/RHSA-2012-1233.html RedHat Security Advisories: RHSA-2012:1234 http://rhn.redhat.com/errata/RHSA-2012-1234.html RedHat Security Advisories: RHSA-2012:1235 http://rhn.redhat.com/errata/RHSA-2012-1235.html RedHat Security Advisories: RHSA-2012:1236 http://rhn.redhat.com/errata/RHSA-2012-1236.html RedHat Security Advisories: RHSA-2012:1262 http://rhn.redhat.com/errata/RHSA-2012-1262.html RedHat Security Advisories: RHSA-2012:1325 http://rhn.redhat.com/errata/RHSA-2012-1325.html http://secunia.com/advisories/50528 http://secunia.com/advisories/50632 http://secunia.com/advisories/50689 http://secunia.com/advisories/50860 http://secunia.com/advisories/50913 SuSE Security Announcement: SUSE-SU-2012:1202 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html SuSE Security Announcement: SUSE-SU-2012:1203 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00026.html SuSE Security Announcement: SUSE-SU-2012:1205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00027.html SuSE Security Announcement: SUSE-SU-2012:1320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:1153 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00051.html SuSE Security Announcement: openSUSE-SU-2012:1170 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.html http://www.ubuntu.com/usn/USN-1590-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-4411 BugTraq ID: 55442 http://www.securityfocus.com/bid/55442 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00007.html http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html http://www.openwall.com/lists/oss-security/2012/09/06/7 http://www.openwall.com/lists/oss-security/2012/09/06/2 http://www.openwall.com/lists/oss-security/2012/09/07/5 http://secunia.com/advisories/50493 Common Vulnerability Exposure (CVE) ID: CVE-2012-4535 BugTraq ID: 56498 http://www.securityfocus.com/bid/56498 Debian Security Information: DSA-2582 (Google Search) http://www.debian.org/security/2012/dsa-2582 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00001.html http://www.openwall.com/lists/oss-security/2012/11/13/1 http://osvdb.org/87298 RedHat Security Advisories: RHSA-2012:1540 http://rhn.redhat.com/errata/RHSA-2012-1540.html http://www.securitytracker.com/id?1027759 http://secunia.com/advisories/51200 http://secunia.com/advisories/51468 SuSE Security Announcement: SUSE-SU-2012:1615 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html SuSE Security Announcement: SUSE-SU-2014:0470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html XForce ISS Database: xen-vcpu-dos(80022) https://exchange.xforce.ibmcloud.com/vulnerabilities/80022 Common Vulnerability Exposure (CVE) ID: CVE-2012-4536 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00003.html http://www.openwall.com/lists/oss-security/2012/11/13/2 http://osvdb.org/87297 http://www.securitytracker.com/id?1027760 XForce ISS Database: xen-domainpirqtoemuirq-dos(80023) https://exchange.xforce.ibmcloud.com/vulnerabilities/80023 Common Vulnerability Exposure (CVE) ID: CVE-2012-4537 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00005.html http://www.openwall.com/lists/oss-security/2012/11/13/6 http://osvdb.org/87307 http://www.securitytracker.com/id?1027761 XForce ISS Database: xen-setp2mentry-dos(80024) https://exchange.xforce.ibmcloud.com/vulnerabilities/80024 Common Vulnerability Exposure (CVE) ID: CVE-2012-4538 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00004.html http://www.openwall.com/lists/oss-security/2012/11/13/3 http://osvdb.org/87306 http://www.securitytracker.com/id?1027762 XForce ISS Database: xen-hvmop-dos(80025) https://exchange.xforce.ibmcloud.com/vulnerabilities/80025 Common Vulnerability Exposure (CVE) ID: CVE-2012-4539 http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html http://www.openwall.com/lists/oss-security/2012/11/13/4 http://www.osvdb.org/87305 http://www.securitytracker.com/id?1027763 SuSE Security Announcement: openSUSE-SU-2012:1685 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html XForce ISS Database: xen-gnttabopgetstatus-dos(80026) https://exchange.xforce.ibmcloud.com/vulnerabilities/80026 Common Vulnerability Exposure (CVE) ID: CVE-2012-4544 BugTraq ID: 56289 http://www.securityfocus.com/bid/56289 Debian Security Information: DSA-2636 (Google Search) http://www.debian.org/security/2013/dsa-2636 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092050.html http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091844.html http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091832.html http://osvdb.org/86619 RedHat Security Advisories: RHSA-2013:0241 http://rhn.redhat.com/errata/RHSA-2013-0241.html http://www.securitytracker.com/id?1027699 http://secunia.com/advisories/51071 SuSE Security Announcement: SUSE-SU-2014:0411 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html XForce ISS Database: xen-pvdomainbuilder-dos(79617) https://exchange.xforce.ibmcloud.com/vulnerabilities/79617
Copyright	Copyright (C) 2012 Greenbone Networks GmbH