Security update for xen
The XEN hypervisor was updated to fix two security issues:
- Fixed a buffer overflow in the floppy drive emulation, which could be
used to denial of service attacks or potential code execution against
the host. (CVE-2015-3456)
- Xen did not initialize certain fields, which allowed certain
remote service domains to obtain sensitive information from memory
via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist
request. (CVE-2015-3340)
-
Submitted by
Charles Arnold (charlesa)
- Reboot is suggested
Fixed bugs
bnc#927967
VUL-0: CVE-2015-3340: xen: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
bnc#929339
VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu floppy driver host code execution
