SuSE 11.3 Security Update : Xen (SAT Patch Number 8588)

high Nessus Plugin ID 71562


The remote SuSE 11 host is missing one or more security updates.


The Xen hypervisor and tool-suite have been updated to fix security issues and bugs :

- XSA-73: A lock order reversal between page allocation and grant table locks could lead to host crashes or even host code execution. (CVE-2013-4494)

- XSA-74: A lock order reversal between page_alloc_lock and mm_rwlock could lead to deadlocks. (CVE-2013-4553)

- XSA-76: Hypercalls exposed to privilege rings 1 and 2 of HVM guests which might lead to Hypervisor escalation under specific circumstances. (CVE-2013-4554)

- XSA-78: Insufficient TLB flushing in VT-d (iommu) code could lead to access of memory that was revoked.

- XSA-75: A host crash due to guest VMX instruction execution was fixed. Non-security bugs have also been fixed:. (CVE-2013-4551)

- It is possible to start a VM twice on the same node.

- In HP's UEFI x86_64 platform and SLES 11-SP3, dom0 will could lock-up on multiple blades nPar. (bnc#842417)

- Xen Hypervisor panics on 8-blades nPar with 46-bit memory addressing. (bnc#848014)

- Soft lock-up with PCI pass-through and many VCPUs.

- Boot Failure with Xen kernel in UEFI mode with error 'No memory for trampoline'. (bnc#833483)

- Increase the maximum supported CPUs in the Hypervisor to 512.


Apply SAT patch number 8588.

See Also

Plugin Details

Severity: High

ID: 71562

File Name: suse_11_xen-201311-131127.nasl

Version: 1.3

Type: local

Agent: unix

Published: 12/20/2013

Updated: 1/19/2021

Supported Sensors: Nessus Agent

Risk Information


Risk Factor: Medium

Score: 6


Risk Factor: High

Base Score: 7.9

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:xen, p-cpe:/a:novell:suse_linux:11:xen-doc-html, p-cpe:/a:novell:suse_linux:11:xen-doc-pdf, p-cpe:/a:novell:suse_linux:11:xen-kmp-default, p-cpe:/a:novell:suse_linux:11:xen-kmp-pae, p-cpe:/a:novell:suse_linux:11:xen-libs, p-cpe:/a:novell:suse_linux:11:xen-libs-32bit, p-cpe:/a:novell:suse_linux:11:xen-tools, p-cpe:/a:novell:suse_linux:11:xen-tools-domU, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 11/27/2013

Reference Information

CVE: CVE-2013-1922, CVE-2013-2007, CVE-2013-4375, CVE-2013-4416, CVE-2013-4494, CVE-2013-4551, CVE-2013-4553, CVE-2013-4554, CVE-2013-6375