Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:0582-1 Final 1 1 2017-02-28T10:34:31Z current 2017-02-28T10:34:31Z 2017-02-28T10:34:31Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025188) - CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183) - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834) - CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1024186) - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS (bsc#1024307) - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004) - CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805). - A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871) - CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1022627) - CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014490) - CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169) - CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668) - CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657) These non-security issues were fixed: - bsc#1000195: Prevent panic on CPU0 while booting on SLES 11 SP3 - bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-SAP-12-2017-299,SUSE-SLE-SERVER-12-2017-299 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ Link for SUSE-SU-2017:0582-1 https://lists.suse.com/pipermail/sle-security-updates/2017-February/002669.html E-Mail link for SUSE-SU-2017:0582-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1000195 SUSE Bug 1000195 https://bugzilla.suse.com/1002496 SUSE Bug 1002496 https://bugzilla.suse.com/1013657 SUSE Bug 1013657 https://bugzilla.suse.com/1013668 SUSE Bug 1013668 https://bugzilla.suse.com/1014490 SUSE Bug 1014490 https://bugzilla.suse.com/1014507 SUSE Bug 1014507 https://bugzilla.suse.com/1015169 SUSE Bug 1015169 https://bugzilla.suse.com/1016340 SUSE Bug 1016340 https://bugzilla.suse.com/1022627 SUSE Bug 1022627 https://bugzilla.suse.com/1022871 SUSE Bug 1022871 https://bugzilla.suse.com/1023004 SUSE Bug 1023004 https://bugzilla.suse.com/1024183 SUSE Bug 1024183 https://bugzilla.suse.com/1024186 SUSE Bug 1024186 https://bugzilla.suse.com/1024307 SUSE Bug 1024307 https://bugzilla.suse.com/1024834 SUSE Bug 1024834 https://bugzilla.suse.com/1025188 SUSE Bug 1025188 https://bugzilla.suse.com/907805 SUSE Bug 907805 https://www.suse.com/security/cve/CVE-2014-8106/ SUSE CVE CVE-2014-8106 page https://www.suse.com/security/cve/CVE-2016-10155/ SUSE CVE CVE-2016-10155 page https://www.suse.com/security/cve/CVE-2016-9101/ SUSE CVE CVE-2016-9101 page https://www.suse.com/security/cve/CVE-2016-9776/ SUSE CVE CVE-2016-9776 page https://www.suse.com/security/cve/CVE-2016-9907/ SUSE CVE CVE-2016-9907 page https://www.suse.com/security/cve/CVE-2016-9911/ SUSE CVE CVE-2016-9911 page https://www.suse.com/security/cve/CVE-2016-9921/ SUSE CVE CVE-2016-9921 page https://www.suse.com/security/cve/CVE-2016-9922/ SUSE CVE CVE-2016-9922 page https://www.suse.com/security/cve/CVE-2017-2615/ SUSE CVE CVE-2017-2615 page https://www.suse.com/security/cve/CVE-2017-2620/ SUSE CVE CVE-2017-2620 page https://www.suse.com/security/cve/CVE-2017-5579/ SUSE CVE CVE-2017-5579 page https://www.suse.com/security/cve/CVE-2017-5856/ SUSE CVE CVE-2017-5856 page https://www.suse.com/security/cve/CVE-2017-5898/ SUSE CVE CVE-2017-5898 page https://www.suse.com/security/cve/CVE-2017-5973/ SUSE CVE CVE-2017-5973 page SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 12 xen-4.4.4_14-22.33.1 xen-doc-html-4.4.4_14-22.33.1 xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 xen-libs-4.4.4_14-22.33.1 xen-libs-32bit-4.4.4_14-22.33.1 xen-tools-4.4.4_14-22.33.1 xen-tools-domU-4.4.4_14-22.33.1 xen-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-doc-html-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-libs-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-libs-32bit-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-tools-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-tools-domU-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server 12-LTSS xen-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-doc-html-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-libs-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-libs-32bit-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-tools-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 xen-tools-domU-4.4.4_14-22.33.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320. CVE-2014-8106 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2014-8106.html CVE-2014-8106 https://bugzilla.suse.com/1023004 SUSE Bug 1023004 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/907805 SUSE Bug 907805 Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. CVE-2016-10155 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-10155.html CVE-2016-10155 https://bugzilla.suse.com/1021129 SUSE Bug 1021129 https://bugzilla.suse.com/1024183 SUSE Bug 1024183 Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. CVE-2016-9101 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9101.html CVE-2016-9101 https://bugzilla.suse.com/1007391 SUSE Bug 1007391 https://bugzilla.suse.com/1013668 SUSE Bug 1013668 https://bugzilla.suse.com/1024181 SUSE Bug 1024181 QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS. CVE-2016-9776 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9776.html CVE-2016-9776 https://bugzilla.suse.com/1013285 SUSE Bug 1013285 https://bugzilla.suse.com/1013657 SUSE Bug 1013657 https://bugzilla.suse.com/1024182 SUSE Bug 1024182 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. CVE-2016-9907 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9907.html CVE-2016-9907 https://bugzilla.suse.com/1014109 SUSE Bug 1014109 https://bugzilla.suse.com/1014490 SUSE Bug 1014490 Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. CVE-2016-9911 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9911.html CVE-2016-9911 https://bugzilla.suse.com/1014111 SUSE Bug 1014111 https://bugzilla.suse.com/1014507 SUSE Bug 1014507 Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS. CVE-2016-9921 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9921.html CVE-2016-9921 https://bugzilla.suse.com/1014702 SUSE Bug 1014702 https://bugzilla.suse.com/1015169 SUSE Bug 1015169 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values. CVE-2016-9922 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2016-9922.html CVE-2016-9922 https://bugzilla.suse.com/1014702 SUSE Bug 1014702 https://bugzilla.suse.com/1015169 SUSE Bug 1015169 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. CVE-2017-2615 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 4.9 AV:A/AC:M/Au:S/C:P/I:P/A:P 9 AV:N/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-2615.html CVE-2017-2615 https://bugzilla.suse.com/1023004 SUSE Bug 1023004 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. CVE-2017-2620 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 4.9 AV:A/AC:M/Au:S/C:P/I:P/A:P 9 AV:N/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-2620.html CVE-2017-2620 https://bugzilla.suse.com/1024834 SUSE Bug 1024834 https://bugzilla.suse.com/1024972 SUSE Bug 1024972 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. CVE-2017-5579 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 low 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-5579.html CVE-2017-5579 https://bugzilla.suse.com/1021741 SUSE Bug 1021741 https://bugzilla.suse.com/1022627 SUSE Bug 1022627 Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb. CVE-2017-5856 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-5856.html CVE-2017-5856 https://bugzilla.suse.com/1023053 SUSE Bug 1023053 https://bugzilla.suse.com/1024186 SUSE Bug 1024186 Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit. CVE-2017-5898 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 3.8 AV:A/AC:M/Au:S/C:N/I:P/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-5898.html CVE-2017-5898 https://bugzilla.suse.com/1023907 SUSE Bug 1023907 https://bugzilla.suse.com/1024307 SUSE Bug 1024307 The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. CVE-2017-5973 SUSE Linux Enterprise Server 12-LTSS:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-doc-html-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-kmp-default-4.4.4_14_k3.12.61_52.66-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-32bit-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-libs-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-4.4.4_14-22.33.1 SUSE Linux Enterprise Server for SAP Applications 12:xen-tools-domU-4.4.4_14-22.33.1 moderate 2.3 AV:A/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20170582-1/ https://www.suse.com/security/cve/CVE-2017-5973.html CVE-2017-5973 https://bugzilla.suse.com/1025109 SUSE Bug 1025109 https://bugzilla.suse.com/1025188 SUSE Bug 1025188