SuSE 11 Security Update : Xen (SAT Patch Number 2230)

high Nessus Plugin ID 50966

Language:

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

Collective Xen/201004 Update, containing fixes for the following issues :

- pygrub, reiserfs: Fix on-disk structure definition bnc#537370 - Xen on SLES 11 does not boot - endless loop in ATA detection bnc#561912 - xend leaks memory bnc#564750 - Keyboard Caps Lock key works abnormal under SLES11 xen guest OS. bnc#548443 - keymap setting not preserved bnc#555152 - 'NAME' column in xentop (SLES11) output limited to 10 characters unlike SLES10 bnc#553631
- L3: diskpart will not run on windows 2008 bnc#548852 - DL585G2 - plug-in PCI cards fail in IO-APIC mode bnc#529195 - xend: disallow ! as a sxp separator bnc#550397 - xend: bootable flag of VBD not always of type int bnc#545470 - Xen vifname parameter is ignored when using type=ioemu in guest configuration file bnc#541945 - xm create -x command does not work in SLES 10 SP2 or SLES 11 bnc#542525 - xen pygrub vulnerability (CVE-2009-3525) bnc#481592 and fate#306125 - Virtual machines are not able to boot from CD to allow upgrade to OES2SP1 (sle10 bug) bnc#553633 - Update breaks menu access keys in virt-viewer and still misses some key sequences. (sle10 bug) fate#306720: xen: virt-manager cdrom handling. bnc#547590 - L3: virt-manager is unable of displaying VNC console on remote hosts bnc#572691 - libvird segfaults when trying to create a kvm guest bnc#573748 - L3: Virsh gives error Device 51712 not connected after updating libvirt modules bnc#548438 - libcmpiutil / libvirt-cim does not properly handle CIM_ prefixed. (bnc#576832)

- Xen doesn't work get an eror when starting the install processes or starting a pervious installed DomU.
(bnc#513921)

- Cannot set MAC address for PV guest in vm-install.
(bnc#526855)

Solution

Apply SAT patch number 2230.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=481592

https://bugzilla.novell.com/show_bug.cgi?id=513921

https://bugzilla.novell.com/show_bug.cgi?id=526855

https://bugzilla.novell.com/show_bug.cgi?id=529195

https://bugzilla.novell.com/show_bug.cgi?id=537370

https://bugzilla.novell.com/show_bug.cgi?id=541945

https://bugzilla.novell.com/show_bug.cgi?id=542525

https://bugzilla.novell.com/show_bug.cgi?id=545470

https://bugzilla.novell.com/show_bug.cgi?id=547590

https://bugzilla.novell.com/show_bug.cgi?id=548438

https://bugzilla.novell.com/show_bug.cgi?id=548443

https://bugzilla.novell.com/show_bug.cgi?id=548852

https://bugzilla.novell.com/show_bug.cgi?id=550397

https://bugzilla.novell.com/show_bug.cgi?id=553631

https://bugzilla.novell.com/show_bug.cgi?id=553633

https://bugzilla.novell.com/show_bug.cgi?id=555152

https://bugzilla.novell.com/show_bug.cgi?id=561912

https://bugzilla.novell.com/show_bug.cgi?id=564750

https://bugzilla.novell.com/show_bug.cgi?id=572691

https://bugzilla.novell.com/show_bug.cgi?id=573748

https://bugzilla.novell.com/show_bug.cgi?id=576832

https://bugzilla.novell.com/show_bug.cgi?id=591092

http://support.novell.com/security/cve/CVE-2009-3525.html

Plugin Details

Severity: High

ID: 50966

File Name: suse_11_xen-201004-100220.nasl

Version: 1.7

Type: local

Agent: unix

Published: 12/2/2010

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:xen-tools-domu, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:libcmpiutil, p-cpe:/a:novell:suse_linux:11:libvirt, p-cpe:/a:novell:suse_linux:11:libvirt-cim, p-cpe:/a:novell:suse_linux:11:libvirt-doc, p-cpe:/a:novell:suse_linux:11:libvirt-python, p-cpe:/a:novell:suse_linux:11:virt-manager, p-cpe:/a:novell:suse_linux:11:virt-viewer, p-cpe:/a:novell:suse_linux:11:vm-install, p-cpe:/a:novell:suse_linux:11:xen, p-cpe:/a:novell:suse_linux:11:xen-doc-html, p-cpe:/a:novell:suse_linux:11:xen-doc-pdf, p-cpe:/a:novell:suse_linux:11:xen-kmp-default, p-cpe:/a:novell:suse_linux:11:xen-kmp-pae, p-cpe:/a:novell:suse_linux:11:xen-libs, p-cpe:/a:novell:suse_linux:11:xen-tools

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2/20/2010

Reference Information

CVE: CVE-2009-3525

CWE: 264