SuSE 11.3 Security Update : Xen (SAT Patch Number 10018)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

Xen has been updated to version 4.2.5 with additional patches to fix
six security issues :

- Guest effectable page reference leak in
MMU_MACHPHYS_UPDATE handling. (CVE-2014-9030)

- Insufficient bounding of 'REP MOVS' to MMIO emulated
inside the hypervisor. (CVE-2014-8867)

- Excessive checking in compatibility mode hypercall
argument translation. (CVE-2014-8866)

- Guest user mode triggerable VM exits not handled by
hypervisor. (bnc#903850)

- Missing privilege level checks in x86 emulation of far
branches. (CVE-2014-8595)

- Insufficient restrictions on certain MMU update
hypercalls. (CVE-2014-8594)

These non-security issues have been fixed :

- Xen save/restore of HVM guests cuts off disk and
networking. (bnc#866902)

- Windows 2012 R2 fails to boot up with greater than 60
vcpus. (bnc#882089)

- Increase limit domUloader to 32MB. (bnc#901317)

- Adjust xentop column layout. (bnc#896023)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=866902
https://bugzilla.novell.com/show_bug.cgi?id=882089
https://bugzilla.novell.com/show_bug.cgi?id=896023
https://bugzilla.novell.com/show_bug.cgi?id=901317
https://bugzilla.novell.com/show_bug.cgi?id=903850
https://bugzilla.novell.com/show_bug.cgi?id=903967
https://bugzilla.novell.com/show_bug.cgi?id=903970
https://bugzilla.novell.com/show_bug.cgi?id=905465
https://bugzilla.novell.com/show_bug.cgi?id=905467
https://bugzilla.novell.com/show_bug.cgi?id=906439
http://support.novell.com/security/cve/CVE-2014-8594.html
http://support.novell.com/security/cve/CVE-2014-8595.html
http://support.novell.com/security/cve/CVE-2014-8866.html
http://support.novell.com/security/cve/CVE-2014-8867.html
http://support.novell.com/security/cve/CVE-2014-9030.html

Solution :

Apply SAT patch number 10018.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 80254

CVE ID: CVE-2014-8594
CVE-2014-8595
CVE-2014-8866
CVE-2014-8867
CVE-2014-9030
