xen: security update to fix various denial of service issues
XEN was updated to fix various denial of service issues.
- bnc#789945 - CVE-2012-5510: xen: Grant table version
switch list corruption vulnerability (XSA-26)
- bnc#789944 - CVE-2012-5511: xen: Several HVM operations do
not validate the range of their inputs (XSA-27)
- bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access
crash / HVMOP_set_mem_access information leak (XSA-28)
- bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may
overwrite hypervisor memory (XSA-29)
- bnc#789948 - CVE-2012-5514: xen: Missing unlock in
guest_physmap_mark_populate_on_demand() (XSA-30)
- bnc#789950 - CVE-2012-5515: xen: Several memory hypercall
operations allow invalid extent order values (XSA-31)
-
Submitted by
Stefan Lijewski (lijews)
- Reboot is suggested
Fixed bugs
bnc#789950
VUL-0: CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31)
bnc#789948
VUL-0: CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30)
bnc#789951
VUL-0: CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29)
bnc#789940
VUL-0: CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28)
bnc#789944
VUL-0: CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27)
bnc#789945
VUL-0: CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26)
