Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
patchinfo.4684
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4684
<patchinfo incident="4684"> <issue id="1028655" tracker="bnc">VUL-0: CVE-2016-9603: xen: Cirrus VGA Heap overflow via display refresh (XSA-211)</issue> <issue id="1029827" tracker="bnc">Forward port xenstored</issue> <issue id="1034994" tracker="bnc">VUL-0: CVE-2017-7718: xen: qemu: display: cirrus: OOB read access issue</issue> <issue id="1036146" tracker="bnc">L3: sles12sp2 xen VM dumps core to wrong path</issue> <issue id="1022703" tracker="bnc">Xen HVM guest with OVMF hangs with unattached CDRom</issue> <issue id="1030144" tracker="bnc">VUL-0: xen: xenstore denial of service via repeated update (XSA-206)</issue> <issue id="1034844" tracker="bnc">VUL-0: EMBARGOED: xen: grant transfer allows PV guest to elevate privileges (XSA-214)</issue> <issue id="1034843" tracker="bnc">VUL-0: EMBARGOED: xen: x86: 64bit PV guest breakout via pagetable use-after-mode-change (XSA-213)</issue> <issue id="2016-9603" tracker="cve" /> <issue id="2017-7718" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>charlesa</packager> <description> This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843) - A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844). - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994). - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655) These non-security issues were fixed: - bsc#1029827: Additional xenstore patch - bsc#1036146: Xen VM dumped core to wrong path - bsc#1022703: Prevent Xen HVM guest with OVMF to hang with unattached CDRom </description> <summary>Security update for xen</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor