|
|
Log in / Subscribe / Register

openSUSE alert openSUSE-SU-2013:0912-1 (xen)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-updates@opensuse.org 


Subject:
    	      openSUSE-SU-2013:0912-1: moderate: xen up to xsa-47 


Date:
    	      Mon, 10 Jun 2013 17:17:25 +0200 (CEST)


Message-ID:
    	      <20130610151725.A552832232@maintenance.suse.de>



   openSUSE Security Update: xen up to xsa-47
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:0912-1
Rating:             moderate
References:         #794316 
Cross-References:   CVE-2012-5634 CVE-2013-0153 CVE-2013-1917
                    CVE-2013-1919 CVE-2013-1920
Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:

   XEN was updated to fix security issues:

   - CVE-2012-5634: xen: VT-d interrupt remapping source
   validation flaw (XSA-33) [bnc#794316]
   - CVE-2013-0153: interrupt remap entries shared and old
   ones not cleared on AMD IOMMUs (XSA-36)
   - CVE-2013-1917: PV DoS vulnerability with SYSENTER (XSA-44)
   - CVE-2013-1919: several access permission issues with IRQs
   for unprivileged guests (XSA-46)
   - CVE-2013-1920: Potential use of freed memory in event
   channel operations (XSA-47)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch 2013-70

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.4 (i586 x86_64):

      xen-4.0.3_05-53.1
      xen-debugsource-4.0.3_05-53.1
      xen-devel-4.0.3_05-53.1
      xen-doc-html-4.0.3_05-53.1
      xen-doc-pdf-4.0.3_05-53.1
      xen-kmp-default-4.0.3_05_k2.6.37.6_24-53.1
      xen-kmp-default-debuginfo-4.0.3_05_k2.6.37.6_24-53.1
      xen-kmp-desktop-4.0.3_05_k2.6.37.6_24-53.1
      xen-kmp-desktop-debuginfo-4.0.3_05_k2.6.37.6_24-53.1
      xen-libs-4.0.3_05-53.1
      xen-libs-debuginfo-4.0.3_05-53.1
      xen-tools-4.0.3_05-53.1
      xen-tools-debuginfo-4.0.3_05-53.1
      xen-tools-domU-4.0.3_05-53.1
      xen-tools-domU-debuginfo-4.0.3_05-53.1

   - openSUSE 11.4 (i586):

      xen-kmp-pae-4.0.3_05_k2.6.37.6_24-53.1
      xen-kmp-pae-debuginfo-4.0.3_05_k2.6.37.6_24-53.1


References:

   http://support.novell.com/security/cve/CVE-2012-5634.html
   http://support.novell.com/security/cve/CVE-2013-0153.html
   http://support.novell.com/security/cve/CVE-2013-1917.html
   http://support.novell.com/security/cve/CVE-2013-1919.html
   http://support.novell.com/security/cve/CVE-2013-1920.html
   https://bugzilla.novell.com/794316
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds