openSUSE Security Update : xen-201105 (openSUSE-SU-2011:0580-1)

medium Nessus Plugin ID 75776

Synopsis

The remote openSUSE host is missing a security update.

Description

Collective May/2011 update for Xen

Xen :

- 691238 - L3: question on behaviour change xm list

- 623680 - xen kernel freezes during boot when processor module is loaded

- 680824 - dom0 can't recognize boot disk when IOMMU is enabled

- 688473 - VUL-0: potential buffer overflow in tools

- 679344 - VUL-0: Xen: multi-vCPU pv guest may crash host

- 687981 - L3: mistyping model type when defining VIF crashes

- 675817 - Kernel panic when creating HVM guests on AMD platforms with XSAVE

- 678871 - dom0 hangs long time when starting hvm guests with memory >= 64GB

- 675363 - Random lockups with kernel-xen. Possibly graphics related

- 678229 - restore of sles HVM fails

- 672833 - xen-tools bug causing problems with Ubuntu 10.10 under Xen 4.

- 665610 - xm console > 1 to same VM messes up both consoles

vm-install :

- 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN - kernel panic

- 678152 - Xen: virt-manager: harmless block device admin actions on FV guests mess up network (VIF) device type ==> network lost.

Solution

Update the affected xen-201105 packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=623680

https://bugzilla.novell.com/show_bug.cgi?id=665610

https://bugzilla.novell.com/show_bug.cgi?id=672833

https://bugzilla.novell.com/show_bug.cgi?id=675363

https://bugzilla.novell.com/show_bug.cgi?id=675817

https://bugzilla.novell.com/show_bug.cgi?id=678152

https://bugzilla.novell.com/show_bug.cgi?id=678229

https://bugzilla.novell.com/show_bug.cgi?id=678871

https://bugzilla.novell.com/show_bug.cgi?id=679344

https://bugzilla.novell.com/show_bug.cgi?id=680824

https://bugzilla.novell.com/show_bug.cgi?id=687981

https://bugzilla.novell.com/show_bug.cgi?id=688473

https://bugzilla.novell.com/show_bug.cgi?id=688757

https://bugzilla.novell.com/show_bug.cgi?id=691238

https://lists.opensuse.org/opensuse-updates/2011-05/msg00066.html

Plugin Details

Severity: Medium

ID: 75776

File Name: suse_11_3_xen-201105-110510.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:vm-install, p-cpe:/a:novell:opensuse:xen, p-cpe:/a:novell:opensuse:xen-devel, p-cpe:/a:novell:opensuse:xen-doc-html, p-cpe:/a:novell:opensuse:xen-doc-pdf, p-cpe:/a:novell:opensuse:xen-kmp-default, p-cpe:/a:novell:opensuse:xen-kmp-desktop, p-cpe:/a:novell:opensuse:xen-kmp-pae, p-cpe:/a:novell:opensuse:xen-libs, p-cpe:/a:novell:opensuse:xen-tools, p-cpe:/a:novell:opensuse:xen-tools-domu, cpe:/o:novell:opensuse:11.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 5/10/2011

Reference Information

CVE: CVE-2011-1146, CVE-2011-1166, CVE-2011-1486, CVE-2011-1583