SuSE 10 Security Update : xen (ZYPP Patch Number 4766)
Medium Nessus Plugin ID 29791
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update fixes various Xen issues.
Two security problems were fixed: CVE-2007-5906: Xen allowed virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
- Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash). (CVE-2007-5907)
Also the following bugs were fixed: 279062: Timer ISR/1: Time went backwards 340379: Xen-3.04_13138-0.52 not working with FV File-Backed VMs
SolutionApply ZYPP patch number 4766.