openSUSE-SU-2012:1685-1 -- Suse xenID: oval:org.secpod.oval:def:400457 | Date: (C)2013-01-01 (M)2023-12-07 |
Class: PATCH | Family: unix |
This update of XEN fixes various denial of service bugs. - bnc#789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability - bnc#789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs - bnc#789940 - CVE-2012-5512: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak - bnc#789951 - CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory - bnc#789948 - CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand - bnc#789950 - CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values - bnc#789988 - FATAL PAGE FAULT in hypervisor 25931-x86-domctl-iomem-mapping-checks.patch - Upstream patches from Jan 26132-tmem-save-NULL-check.patch 26134-x86-shadow-invlpg-check.patch 26148-vcpu-timer-overflow.patch 26149-x86-p2m-physmap-error-path.patch 26150-x86-shadow-unhook-toplevel-check.patch 26151-gnttab-compat-get-status-frames.patch - bnc#777628 - guest "disappears" after live migration Updated block-dmmd script - Fix exception in balloon.py and osdep.py xen-max-free-mem.diff - bnc#792476 - efi files missing in latest XEN update Revert c/s 25751 EFI Makefile changes in 23614-x86_64-EFI-boot.patch