openSUSE Security Update : xen (openSUSE-SU-2014:0483-1)

high Nessus Plugin ID 75312
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

Xen was updated to fix various bugs and security issues :

Update to Xen version 4.2.4 c/s 26280.

- bnc#861256 - CVE-2014-1950: xen: XSA-88: use-after-free in xc_cpupool_getinfo() under memory pressure. (fix included with update)

- bnc#863297: xend/pvscsi: recognize also SCSI CDROM devices

- bnc#858496 - CVE-2014-1642: Xen: XSA-83: Out-of-memory condition yielding memory corruption during IRQ setup

- bnc#860163 - xen: XSA-84: integer overflow in several XSM/Flask hypercalls (CVE-2014-1891 CVE-2014-1892 CVE-2014-1893 CVE-2014-1894)

- bnc#860165 - CVE-2014-1895: xen: XSA-85: Off-by-one error in FLASK_AVC_CACHESTAT hypercall

- bnc#860300 - CVE-2014-1896: xen: XSA-86: libvchan failure handling malicious ring indexes

- bnc#860302 - CVE-2014-1666: xen: XSA-87:
PHYSDEVOP_(prepare,release)_msix exposed to unprivileged guests

- bnc#858311 - Server is not booting in kernel XEN after latest updates - (XEN) setup 0000:00:18.0 for d0 failed (-19)

- bnc#858496 - CVE-2014-1642: Xen: XSA-83: Out-of-memory condition yielding memory corruption during IRQ setup

- bnc#853049 - CVE-2013-6885: xen: XSA-82: Guest triggerable AMD CPU erratum may cause host hang

- bnc#853048 - CVE-2013-6400: xen: XSA-80: IOMMU TLB flushing may be inadvertently suppressed

- bnc#831120 - CVE-2013-2212: xen: XSA-60: Excessive time to disable caching with HVM guests with PCI passthrough

- bnc#848014 - [HP HPS] Xen hypervisor panics on 8-blades nPar with 46-bit memory addressing

- bnc#833251 - [HP BCS SLES11 Bug]: In HPs UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic.

- pygrub: Support (/dev/xvda) style disk specifications

- bnc#849667 - CVE-2014-1895: xen: XSA-74: Lock order reversal between page_alloc_lock and mm_rwlock

- bnc#849668 - CVE-2013-4554: xen: XSA-76: Hypercalls exposed to privilege rings 1 and 2 of HVM guests

- bnc#842417 - In HPs UEFI x86_64 platform and sles11sp3 with xen environment, dom0 will soft lockup on multiple blades nPar.

- bnc#848014 - [HP HPS] Xen hypervisor panics on 8-blades nPar with 46-bit memory addressing

- bnc#846849 - Soft lockup with PCI passthrough and many VCPUs

- bnc#833483 - Boot Failure with xen kernel in UEFI mode with error 'No memory for trampoline'

- bnc#849665 - CVE-2013-4551: xen: XSA-75: Host crash due to guest VMX instruction execution

- The upstream version of checking for xend when using the 'xl' command is used is not working.

- bnc#840997 - It is possible to start a VM twice on the same node.

- bnc#848657 - xen: CVE-2013-4494: XSA-73: Lock order reversal between page allocation and grant table locks

Solution

Update the affected xen packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=831120

https://bugzilla.novell.com/show_bug.cgi?id=833251

https://bugzilla.novell.com/show_bug.cgi?id=833483

https://bugzilla.novell.com/show_bug.cgi?id=840997

https://bugzilla.novell.com/show_bug.cgi?id=842417

https://bugzilla.novell.com/show_bug.cgi?id=846849

https://bugzilla.novell.com/show_bug.cgi?id=848014

https://bugzilla.novell.com/show_bug.cgi?id=848657

https://bugzilla.novell.com/show_bug.cgi?id=849665

https://bugzilla.novell.com/show_bug.cgi?id=849667

https://bugzilla.novell.com/show_bug.cgi?id=849668

https://bugzilla.novell.com/show_bug.cgi?id=853048

https://bugzilla.novell.com/show_bug.cgi?id=853049

https://bugzilla.novell.com/show_bug.cgi?id=858311

https://bugzilla.novell.com/show_bug.cgi?id=858496

https://bugzilla.novell.com/show_bug.cgi?id=860163

https://bugzilla.novell.com/show_bug.cgi?id=860165

https://bugzilla.novell.com/show_bug.cgi?id=860300

https://bugzilla.novell.com/show_bug.cgi?id=860302

https://bugzilla.novell.com/show_bug.cgi?id=861256

https://bugzilla.novell.com/show_bug.cgi?id=863297

https://lists.opensuse.org/opensuse-updates/2014-04/msg00010.html

Plugin Details

Severity: High

ID: 75312

File Name: openSUSE-2014-271.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.2

Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:xen, p-cpe:/a:novell:opensuse:xen-debugsource, p-cpe:/a:novell:opensuse:xen-devel, p-cpe:/a:novell:opensuse:xen-doc-html, p-cpe:/a:novell:opensuse:xen-doc-pdf, p-cpe:/a:novell:opensuse:xen-kmp-default, p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo, p-cpe:/a:novell:opensuse:xen-kmp-desktop, p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo, p-cpe:/a:novell:opensuse:xen-kmp-pae, p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo, p-cpe:/a:novell:opensuse:xen-libs, p-cpe:/a:novell:opensuse:xen-libs-32bit, p-cpe:/a:novell:opensuse:xen-libs-debuginfo, p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit, p-cpe:/a:novell:opensuse:xen-tools, p-cpe:/a:novell:opensuse:xen-tools-debuginfo, p-cpe:/a:novell:opensuse:xen-tools-domU, p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo, cpe:/o:novell:opensuse:12.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 2/26/2014

Vulnerability Publication Date: 8/28/2013

Reference Information

CVE: CVE-2013-2212, CVE-2013-4494, CVE-2013-4551, CVE-2013-4553, CVE-2013-4554, CVE-2013-6400, CVE-2013-6885, CVE-2014-1642, CVE-2014-1666, CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894, CVE-2014-1895, CVE-2014-1896, CVE-2014-1950

BID: 61424, 63494, 63625, 63931, 63933, 63983, 64195, 65097, 65125, 65414, 65419, 65424, 65529