openSUSE Security Update : xen (openSUSE-2017-329)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for xen fixes several issues.

These security issues were fixed :

- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the
bitblit copy routine cirrus_bitblt_cputovideo failed to
check the memory region, allowing for an out-of-bounds
write that allows for privilege escalation
(bsc#1024834).

- CVE-2017-2615: An error in the bitblt copy operation
could have allowed a malicious guest administrator to
cause an out of bounds memory access, possibly leading
to information disclosure or privilege escalation
(bsc#1023004).

- A malicious guest could have, by frequently rebooting
over extended periods of time, run the host system out
of memory, resulting in a Denial of Service (DoS)
(bsc#1022871)

- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support
was vulnerable to a divide by zero issue while copying
VGA data. A privileged user inside guest could have used
this flaw to crash the process instance on the host,
resulting in DoS (bsc#1015169

These non-security issues were fixed :

- bsc#1000195: Prevent panic on CPU0 while booting on SLES
11 SP3

- bsc#1002496: Added support for reloading clvm in
block-dmmd block-dmmd

- bsc#1005028: Fixed building Xen RPMs from Sources

This update was imported from the SUSE:SLE-12-SP2:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1000195
https://bugzilla.opensuse.org/show_bug.cgi?id=1002496
https://bugzilla.opensuse.org/show_bug.cgi?id=1005028
https://bugzilla.opensuse.org/show_bug.cgi?id=1012651
https://bugzilla.opensuse.org/show_bug.cgi?id=1014298
https://bugzilla.opensuse.org/show_bug.cgi?id=1014300
https://bugzilla.opensuse.org/show_bug.cgi?id=1015169
https://bugzilla.opensuse.org/show_bug.cgi?id=1016340
https://bugzilla.opensuse.org/show_bug.cgi?id=1022871
https://bugzilla.opensuse.org/show_bug.cgi?id=1023004
https://bugzilla.opensuse.org/show_bug.cgi?id=1024834

Solution :

Update the affected xen packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 97712 ()

Bugtraq ID:

CVE ID: CVE-2016-9921
CVE-2016-9922
CVE-2017-2615
CVE-2017-2620

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now