openSUSE Security Update : xen-201107 (openSUSE-SU-2011:0941-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Security / Collective Update for Xen

Xen :

- bnc#702025 - VUL-0: xen: VT-d (PCI passthrough) MSI trap
injection (CVE-2011-1898)

- bnc#703924 - update block-npiv scripts to support BFA
HBA

- bnc#689954 - L3: Live migrations fail when guest
crashes: domain_crash_sync called from entry.S

- bnc#693472 - Bridge hangs cause redundant ring failures
in SLE 11 SP1 HAE + XEN

- bnc#582265 - xen-scsi.ko not supported

- bnc#670465 - When connecting to Xen guest through
vncviewer mouse tracking is off.

- bnc#684305 - on_crash is being ignored with kdump now
working in HVM

vm-install :

- bnc#692625 - virt-manager has problems to install guest
from multiple CD

See also :

http://lists.opensuse.org/opensuse-updates/2011-08/msg00034.html
https://bugzilla.novell.com/show_bug.cgi?id=582265
https://bugzilla.novell.com/show_bug.cgi?id=670465
https://bugzilla.novell.com/show_bug.cgi?id=684297
https://bugzilla.novell.com/show_bug.cgi?id=684305
https://bugzilla.novell.com/show_bug.cgi?id=689954
https://bugzilla.novell.com/show_bug.cgi?id=692625
https://bugzilla.novell.com/show_bug.cgi?id=693472
https://bugzilla.novell.com/show_bug.cgi?id=702025
https://bugzilla.novell.com/show_bug.cgi?id=703924

Solution :

Update the affected xen-201107 packages.

Risk factor :

High / CVSS Base Score : 7.4
(CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 75777 ()

Bugtraq ID:

CVE ID: CVE-2011-1898

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now