Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:1058-1 Final 1 1 2017-04-19T07:16:18Z current 2017-04-19T07:16:18Z 2017-04-19T07:16:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following security issues: - CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442). - CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570). - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sleclo50sp3-xen-13067,sleman21-xen-13067,slemap21-xen-13067,sleposp3-xen-13067,slessp3-xen-13067 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20171058-1/ Link for SUSE-SU-2017:1058-1 https://lists.suse.com/pipermail/sle-security-updates/2017-April/002814.html E-Mail link for SUSE-SU-2017:1058-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1027570 SUSE Bug 1027570 https://bugzilla.suse.com/1028235 SUSE Bug 1028235 https://bugzilla.suse.com/1030442 SUSE Bug 1030442 https://www.suse.com/security/cve/CVE-2017-6414/ SUSE CVE CVE-2017-6414 page https://www.suse.com/security/cve/CVE-2017-6505/ SUSE CVE CVE-2017-6505 page https://www.suse.com/security/cve/CVE-2017-7228/ SUSE CVE CVE-2017-7228 page SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Manager 2.1 SUSE Manager Proxy 2.1 SUSE OpenStack Cloud 5 xen-4.2.5_21-38.1 xen-doc-html-4.2.5_21-38.1 xen-doc-pdf-4.2.5_21-38.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 xen-libs-4.2.5_21-38.1 xen-libs-32bit-4.2.5_21-38.1 xen-tools-4.2.5_21-38.1 xen-tools-domU-4.2.5_21-38.1 xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 xen-libs-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 xen-tools-domU-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 xen-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-doc-html-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-doc-pdf-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-libs-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-libs-32bit-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-tools-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-tools-domU-4.2.5_21-38.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS xen-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-doc-html-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-doc-pdf-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Manager 2.1 xen-libs-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-libs-32bit-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-tools-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-tools-domU-4.2.5_21-38.1 as a component of SUSE Manager 2.1 xen-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-doc-html-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-doc-pdf-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE Manager Proxy 2.1 xen-libs-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-libs-32bit-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-tools-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-tools-domU-4.2.5_21-38.1 as a component of SUSE Manager Proxy 2.1 xen-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-doc-html-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-doc-pdf-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 as a component of SUSE OpenStack Cloud 5 xen-libs-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-libs-32bit-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-tools-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 xen-tools-domU-4.2.5_21-38.1 as a component of SUSE OpenStack Cloud 5 Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object. CVE-2017-6414 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-html-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-pdf-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-32bit-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-domU-4.2.5_21-38.1 SUSE Manager 2.1:xen-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager Proxy 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-html-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-pdf-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE OpenStack Cloud 5:xen-libs-32bit-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-libs-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-domU-4.2.5_21-38.1 important 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20171058-1/ https://www.suse.com/security/cve/CVE-2017-6414.html CVE-2017-6414 https://bugzilla.suse.com/1027514 SUSE Bug 1027514 https://bugzilla.suse.com/1027570 SUSE Bug 1027570 The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330. CVE-2017-6505 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-html-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-pdf-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-32bit-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-domU-4.2.5_21-38.1 SUSE Manager 2.1:xen-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager Proxy 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-html-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-pdf-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE OpenStack Cloud 5:xen-libs-32bit-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-libs-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-domU-4.2.5_21-38.1 moderate 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20171058-1/ https://www.suse.com/security/cve/CVE-2017-6505.html CVE-2017-6505 https://bugzilla.suse.com/1028184 SUSE Bug 1028184 https://bugzilla.suse.com/1028235 SUSE Bug 1028235 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. CVE-2017-7228 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-html-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-doc-pdf-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-kmp-pae-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-32bit-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-libs-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-4.2.5_21-38.1 SUSE Linux Enterprise Server 11 SP3-LTSS:xen-tools-domU-4.2.5_21-38.1 SUSE Manager 2.1:xen-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-html-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-doc-pdf-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE Manager Proxy 2.1:xen-libs-32bit-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-libs-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-4.2.5_21-38.1 SUSE Manager Proxy 2.1:xen-tools-domU-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-html-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-doc-pdf-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-kmp-default-4.2.5_21_3.0.101_0.47.99-38.1 SUSE OpenStack Cloud 5:xen-libs-32bit-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-libs-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-4.2.5_21-38.1 SUSE OpenStack Cloud 5:xen-tools-domU-4.2.5_21-38.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20171058-1/ https://www.suse.com/security/cve/CVE-2017-7228.html CVE-2017-7228 https://bugzilla.suse.com/1030442 SUSE Bug 1030442 https://bugzilla.suse.com/1072198 SUSE Bug 1072198 https://bugzilla.suse.com/1072223 SUSE Bug 1072223 https://bugzilla.suse.com/1178658 SUSE Bug 1178658