Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.851157
Kategorie:SuSE Local Security Checks
Titel:openSUSE: Security Advisory for xen (openSUSE-SU-2016:0124-1)
Zusammenfassung:The remote host is missing an update for the 'xen'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'xen'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update for xen fixes the following security issues:

- CVE-2015-8550: paravirtualized drivers incautious about shared memory
contents (XSA-155, boo#957988)

- CVE-2015-8558: qemu: usb: infinite loop in ehci_advance_state results in
DoS (boo#959006)

- CVE-2015-7549: qemu pci: null pointer dereference issue (boo#958918)

- CVE-2015-8504: qemu: ui: vnc: avoid floating point exception (boo#958493)

- CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164,
boo#958007)

- CVE-2015-8555: information leak in legacy x86 FPU/XMM initialization
(XSA-165, boo#958009)

- boo#958523 xen: ioreq handling possibly susceptible to multiple read
issue (XSA-166)

- CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing
command block list (boo#956832)

- boo#956592: xen: virtual PMU is unsupported (XSA-163)

- CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues
(XSA-159, boo#956408)

- CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error
(XSA-160, boo#956409)

- CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator
(XSA-162, boo#956411)

- CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with
qemu-xen (xsa-142, boo#947165)

- CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in
microcode via #DB exception (boo#954405)

- CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156,
boo#954018)

- CVE-2015-7970: xen: x86: Long latency populate-on-demand operation is
not preemptible (XSA-150, boo#950704)

Affected Software/OS:
xen on openSUSE 13.1

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-5307
BugTraq ID: 77528
http://www.securityfocus.com/bid/77528
Debian Security Information: DSA-3396 (Google Search)
http://www.debian.org/security/2015/dsa-3396
Debian Security Information: DSA-3414 (Google Search)
http://www.debian.org/security/2015/dsa-3414
Debian Security Information: DSA-3454 (Google Search)
http://www.debian.org/security/2016/dsa-3454
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html
http://www.openwall.com/lists/oss-security/2015/11/10/6
RedHat Security Advisories: RHSA-2015:2636
http://rhn.redhat.com/errata/RHSA-2015-2636.html
RedHat Security Advisories: RHSA-2015:2645
http://rhn.redhat.com/errata/RHSA-2015-2645.html
RedHat Security Advisories: RHSA-2016:0046
http://rhn.redhat.com/errata/RHSA-2016-0046.html
http://www.securitytracker.com/id/1034105
SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:2194 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html
SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
SuSE Security Announcement: openSUSE-SU-2015:2232 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html
SuSE Security Announcement: openSUSE-SU-2015:2250 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html
http://www.ubuntu.com/usn/USN-2800-1
http://www.ubuntu.com/usn/USN-2801-1
http://www.ubuntu.com/usn/USN-2802-1
http://www.ubuntu.com/usn/USN-2803-1
http://www.ubuntu.com/usn/USN-2804-1
http://www.ubuntu.com/usn/USN-2805-1
http://www.ubuntu.com/usn/USN-2806-1
http://www.ubuntu.com/usn/USN-2807-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7311
BugTraq ID: 76823
http://www.securityfocus.com/bid/76823
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167077.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
https://security.gentoo.org/glsa/201604-03
http://www.securitytracker.com/id/1033633
Common Vulnerability Exposure (CVE) ID: CVE-2015-7504
BugTraq ID: 78227
http://www.securityfocus.com/bid/78227
Debian Security Information: DSA-3469 (Google Search)
http://www.debian.org/security/2016/dsa-3469
Debian Security Information: DSA-3470 (Google Search)
http://www.debian.org/security/2016/dsa-3470
Debian Security Information: DSA-3471 (Google Search)
http://www.debian.org/security/2016/dsa-3471
https://security.gentoo.org/glsa/201602-01
https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html
http://www.openwall.com/lists/oss-security/2015/11/30/2
RedHat Security Advisories: RHSA-2015:2694
http://rhn.redhat.com/errata/RHSA-2015-2694.html
RedHat Security Advisories: RHSA-2015:2695
http://rhn.redhat.com/errata/RHSA-2015-2695.html
RedHat Security Advisories: RHSA-2015:2696
http://rhn.redhat.com/errata/RHSA-2015-2696.html
http://www.securitytracker.com/id/1034268
Common Vulnerability Exposure (CVE) ID: CVE-2015-7549
BugTraq ID: 80761
http://www.securityfocus.com/bid/80761
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175380.html
http://www.openwall.com/lists/oss-security/2015/12/14/2
Common Vulnerability Exposure (CVE) ID: CVE-2015-7970
BugTraq ID: 77362
http://www.securityfocus.com/bid/77362
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html
http://www.securitytracker.com/id/1034034
Common Vulnerability Exposure (CVE) ID: CVE-2015-8104
BugTraq ID: 77524
http://www.securityfocus.com/bid/77524
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Debian Security Information: DSA-3426 (Google Search)
http://www.debian.org/security/2015/dsa-3426
http://www.openwall.com/lists/oss-security/2015/11/10/5
SuSE Security Announcement: openSUSE-SU-2016:1008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
http://www.ubuntu.com/usn/USN-2840-1
http://www.ubuntu.com/usn/USN-2841-1
http://www.ubuntu.com/usn/USN-2841-2
http://www.ubuntu.com/usn/USN-2842-1
http://www.ubuntu.com/usn/USN-2842-2
http://www.ubuntu.com/usn/USN-2843-1
http://www.ubuntu.com/usn/USN-2843-2
http://www.ubuntu.com/usn/USN-2844-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8339
BugTraq ID: 79038
http://www.securityfocus.com/bid/79038
Debian Security Information: DSA-3519 (Google Search)
http://www.debian.org/security/2016/dsa-3519
http://www.securitytracker.com/id/1034391
Common Vulnerability Exposure (CVE) ID: CVE-2015-8340
Common Vulnerability Exposure (CVE) ID: CVE-2015-8341
http://www.securitytracker.com/id/1034389
Common Vulnerability Exposure (CVE) ID: CVE-2015-8345
BugTraq ID: 77985
http://www.securityfocus.com/bid/77985
http://www.openwall.com/lists/oss-security/2015/11/25/11
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8504
BugTraq ID: 78708
http://www.securityfocus.com/bid/78708
http://www.openwall.com/lists/oss-security/2015/12/08/7
Common Vulnerability Exposure (CVE) ID: CVE-2015-8550
BugTraq ID: 79592
http://www.securityfocus.com/bid/79592
Debian Security Information: DSA-3434 (Google Search)
http://www.debian.org/security/2016/dsa-3434
http://www.securitytracker.com/id/1034479
SuSE Security Announcement: SUSE-SU-2016:0911 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
SuSE Security Announcement: SUSE-SU-2016:1102 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:1764 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8554
BugTraq ID: 79579
http://www.securityfocus.com/bid/79579
http://www.securitytracker.com/id/1034481
Common Vulnerability Exposure (CVE) ID: CVE-2015-8555
BugTraq ID: 79543
http://www.securityfocus.com/bid/79543
http://www.securitytracker.com/id/1034477
Common Vulnerability Exposure (CVE) ID: CVE-2015-8558
BugTraq ID: 80694
http://www.securityfocus.com/bid/80694
http://www.openwall.com/lists/oss-security/2015/12/14/9
http://www.openwall.com/lists/oss-security/2015/12/14/16
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02124.html
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.