Test Kennung:	1.3.6.1.4.1.25623.1.0.850866
Kategorie:	SuSE Local Security Checks
Titel:	SUSE: Security Advisory for Xen (SUSE-SU-2015:0613-1)
Zusammenfassung:	The remote host is missing an update for the 'Xen'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'Xen' package(s) announced via the referenced advisory. Vulnerability Insight: The XEN hypervisor received updates to fix various security issues and bugs. The following security issues were fixed: - CVE-2015-2151: XSA-123: A hypervisor memory corruption due to x86 emulator flaw. - CVE-2015-2045: XSA-122: Information leak through version information hypercall. - CVE-2015-2044: XSA-121: Information leak via internal x86 system device emulation. - CVE-2015-2152: XSA-119: HVM qemu was unexpectedly enabling emulated VGA graphics backends. - CVE-2014-3615: Information leakage when guest sets high graphics resolution. - CVE-2015-0361: XSA-116: A xen crash due to use after free on hvm guest teardown. - CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation. Also the following bugs were fixed: - bnc#919098 - XEN blktap device intermittently fails to connect - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus - bnc#903680 - Problems with detecting free loop devices on Xen guest startup - bnc#861318 - xentop reports 'Found interface vif101.0 but domain 101 does not exist.' - Update seabios to rel-1.7.3.1 which is the correct version for Xen 4.4 - Enhancement to virsh/libvirtd 'send-key' command The xen side small fix. (FATE#317240) - bnc#901488 - Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores - bnc#910254 - SLES11 SP3 Xen VT-d igb NIC doesn't work - Add domain_migrate_constraints_set API to Xend's http interface (FATE#317239) - Restore missing fixes from block-dmmd script - bnc#904255 - XEN boot hangs in early boot on UEFI system - bsc#912011 - high ping latency after upgrade to latest SLES11SP3 on xen Dom0 - Fix missing banner by restoring the figlet program. Affected Software/OS: Xen on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12 Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3615 BugTraq ID: 69654 http://www.securityfocus.com/bid/69654 Debian Security Information: DSA-3044 (Google Search) http://www.debian.org/security/2014/dsa-3044 RedHat Security Advisories: RHSA-2014:1669 http://rhn.redhat.com/errata/RHSA-2014-1669.html RedHat Security Advisories: RHSA-2014:1670 http://rhn.redhat.com/errata/RHSA-2014-1670.html RedHat Security Advisories: RHSA-2014:1941 http://rhn.redhat.com/errata/RHSA-2014-1941.html http://secunia.com/advisories/61829 SuSE Security Announcement: openSUSE-SU-2015:0732 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://www.ubuntu.com/usn/USN-2409-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9065 BugTraq ID: 71544 http://www.securityfocus.com/bid/71544 https://security.gentoo.org/glsa/201504-04 http://www.openwall.com/lists/oss-security/2014/12/08/4 SuSE Security Announcement: openSUSE-SU-2015:0226 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:0256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html Common Vulnerability Exposure (CVE) ID: CVE-2014-9066 BugTraq ID: 71546 http://www.securityfocus.com/bid/71546 Common Vulnerability Exposure (CVE) ID: CVE-2015-0361 BugTraq ID: 71882 http://www.securityfocus.com/bid/71882 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148103.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148241.html http://www.securitytracker.com/id/1031498 Common Vulnerability Exposure (CVE) ID: CVE-2015-2044 BugTraq ID: 72954 http://www.securityfocus.com/bid/72954 Debian Security Information: DSA-3181 (Google Search) http://www.debian.org/security/2015/dsa-3181 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://www.securitytracker.com/id/1031806 http://www.securitytracker.com/id/1031836 Common Vulnerability Exposure (CVE) ID: CVE-2015-2045 BugTraq ID: 72955 http://www.securityfocus.com/bid/72955 http://www.securitytracker.com/id/1031837 Common Vulnerability Exposure (CVE) ID: CVE-2015-2151 BugTraq ID: 73015 http://www.securityfocus.com/bid/73015 https://security.gentoo.org/glsa/201604-03 http://www.securitytracker.com/id/1031903 Common Vulnerability Exposure (CVE) ID: CVE-2015-2152 BugTraq ID: 73068 http://www.securityfocus.com/bid/73068 http://www.securitytracker.com/id/1031919
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.