[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2017:0983-1 -- SLES xen

ID: oval:org.secpod.oval:def:89044848Date: (C)2021-07-20   (M)2022-10-10
Class: PATCHFamily: unix




This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange permited PV guest breakout . - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service of the entire host . - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service via vectors involving the number of link endpoint list descriptors . These non-security issues were fixed: - bsc#1015348: libvirtd didn"t not start during boot - bsc#1014136: kdump couldn"t dump a kernel on SLES12-SP2 with Xen hypervisor. - bsc#1026236: Fixed paravirtualized performance - bsc#1022555: Timeout in execution of /etc/xen/scripts/block add - bsc#1029827: Forward port xenstored - bsc#1029128: Make xen to really produce xen.efi with gcc48

Platform:
SUSE Linux Enterprise Server 12 SP2
Product:
xen
Reference:
SUSE-SU-2017:0983-1
CVE-2017-6505
CVE-2017-7228
CVE    2
CVE-2017-6505
CVE-2017-7228
CPE    2
cpe:/o:suse:suse_linux_enterprise_server:12:sp2
cpe:/a:xen:xen

© SecPod Technologies