openSUSE Security Update : xen (openSUSE-2017-492)

High Nessus Plugin ID 99559

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.3

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for xen to version 4.7.2 fixes the following issues :

These security issues were fixed :

- CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).

- XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host (bsc#1030144).

- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).

These non-security issues were fixed :

- bsc#1015348: libvirtd didn't not start during boot

- bsc#1014136: kdump couldn't dump a kernel on SLES12-SP2 with Xen hypervisor.

- bsc#1026236: Fixed paravirtualized performance

- bsc#1022555: Timeout in 'execution of /etc/xen/scripts/block add'

- bsc#1029827: Forward port xenstored

- bsc#1029128: Make xen to really produce xen.efi with gcc48

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Solution

Update the affected xen packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1014136

https://bugzilla.opensuse.org/show_bug.cgi?id=1015348

https://bugzilla.opensuse.org/show_bug.cgi?id=1022555

https://bugzilla.opensuse.org/show_bug.cgi?id=1026236

https://bugzilla.opensuse.org/show_bug.cgi?id=1027519

https://bugzilla.opensuse.org/show_bug.cgi?id=1028235

https://bugzilla.opensuse.org/show_bug.cgi?id=1029128

https://bugzilla.opensuse.org/show_bug.cgi?id=1029827

https://bugzilla.opensuse.org/show_bug.cgi?id=1030144

https://bugzilla.opensuse.org/show_bug.cgi?id=1030442

Plugin Details

Severity: High

ID: 99559

File Name: openSUSE-2017-492.nasl

Version: 3.4

Type: local

Agent: unix

Published: 2017/04/21

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.3

CVSS v2.0

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 8.2

Temporal Score: 7.4

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:xen, p-cpe:/a:novell:opensuse:xen-debugsource, p-cpe:/a:novell:opensuse:xen-devel, p-cpe:/a:novell:opensuse:xen-doc-html, p-cpe:/a:novell:opensuse:xen-libs, p-cpe:/a:novell:opensuse:xen-libs-32bit, p-cpe:/a:novell:opensuse:xen-libs-debuginfo, p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit, p-cpe:/a:novell:opensuse:xen-tools, p-cpe:/a:novell:opensuse:xen-tools-debuginfo, p-cpe:/a:novell:opensuse:xen-tools-domU, p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/04/20

Reference Information

CVE: CVE-2017-6505, CVE-2017-7228