CVE-2015-3456

Upstream information

CVE-2015-3456 at MITRE

Description

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	7.7
Vector	AV:A/AC:L/Au:S/C:C/I:C/A:C
Access Vector	Adjacent Network
Access Complexity	Low
Authentication	Single
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

Note from the SUSE Security Team

A vulnerability (named VENOM) in the floppy disk driver of qemu, Xen, and KVM allows attackers with root privileges to escape from a virtual machine (guest) and access the host system. The bug is not easy to exploit and might trigger crashes of the host system, that could be an indicator for an ongoing attack. All currently supported versions of SUSE Linux Enterprise Server starting from SUSE Linux Enterprise 10 SP3 up to and including SUSE Linux Enterprise 12 are affected by this vulnerability. SUSE (OpenStack) Cloud is affected too. Since the problematic code is in qemu, all versions of Xen, qemu and KVM are affected.

SUSE Bugzilla entries: 929339 [RESOLVED], 932770 [RESOLVED], 935900 [RESOLVED]

SUSE Security Advisories:

• SUSE-SU-2015:0889-1, published Sat, 16 May 2015 00:04:49 +0200 (CEST)
• SUSE-SU-2015:0889-2, published Tue, 26 May 2015 14:06:51 +0200 (CEST)
• SUSE-SU-2015:0896-1, published Mon, 18 May 2015 17:05:01 +0200 (CEST)
• SUSE-SU-2015:0923-1, published Thu, 21 May 2015 09:04:52 +0200 (CEST)
• SUSE-SU-2015:0927-1, published Fri, 22 May 2015 00:04:46 +0200 (CEST)
• SUSE-SU-2015:0929-1, published Fri, 22 May 2015 00:08:52 +0200 (CEST)
• SUSE-SU-2015:0940-1, published Tue, 26 May 2015 14:04:56 +0200 (CEST)
• SUSE-SU-2015:0943-1, published Tue, 26 May 2015 14:07:13 +0200 (CEST)
• SUSE-SU-2015:0944-1, published Tue, 26 May 2015 14:07:44 +0200 (CEST)
• TID7016497, published Mi 13. Mai 18:33:03 CEST 2015
• openSUSE-SU-2015:0893-1, published Mon, 18 May 2015 14:04:51 +0200 (CEST)
• openSUSE-SU-2015:0894-1, published Mon, 18 May 2015 14:05:11 +0200 (CEST)
• openSUSE-SU-2015:0983-1, published Tue, 2 Jun 2015 10:04:52 +0200 (CEST)
• openSUSE-SU-2015:1092-1, published Mon, 22 Jun 2015 12:04:52 +0200 (CEST)
• openSUSE-SU-2015:1400-1, published Tue, 18 Aug 2015 10:09:13 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 11 SP3	kvm >= 1.4.2-0.22.27.1 xen >= 4.2.5_06-0.7.1 xen-doc-html >= 4.2.5_06-0.7.1 xen-doc-pdf >= 4.2.5_06-0.7.1 xen-kmp-default >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-kmp-pae >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs >= 4.2.5_06-0.7.1 xen-libs-32bit >= 4.2.5_06-0.7.1 xen-tools >= 4.2.5_06-0.7.1 xen-tools-domU >= 4.2.5_06-0.7.1	Patchnames: sledsp3-kvm sledsp3-xen
SUSE Linux Enterprise Desktop 12	qemu >= 2.0.2-46.1 qemu-block-curl >= 2.0.2-46.1 qemu-ipxe >= 1.0.0-46.1 qemu-kvm >= 2.0.2-46.1 qemu-seabios >= 1.7.4-46.1 qemu-sgabios >= 8-46.1 qemu-tools >= 2.0.2-46.1 qemu-vgabios >= 1.7.4-46.1 qemu-x86 >= 2.0.2-46.1 xen >= 4.4.2_04-18.1 xen-kmp-default >= 4.4.2_04_k3.12.39_47-18.1 xen-libs >= 4.4.2_04-18.1 xen-libs-32bit >= 4.4.2_04-18.1	Patchnames: SUSE-SLE-DESKTOP-12-2015-200 SUSE-SLE-DESKTOP-12-2015-206
SUSE Linux Enterprise Desktop 12 SP1	qemu >= 2.3.1-5.7 qemu-block-curl >= 2.3.1-5.7 qemu-ipxe >= 1.0.0-5.7 qemu-kvm >= 2.3.1-5.7 qemu-seabios >= 1.8.1-5.7 qemu-sgabios >= 8-5.7 qemu-tools >= 2.3.1-5.7 qemu-vgabios >= 1.8.1-5.7 qemu-x86 >= 2.3.1-5.7 xen >= 4.5.1_12-2.3 xen-kmp-default >= 4.5.1_12_k3.12.49_11-2.3 xen-libs >= 4.5.1_12-2.3 xen-libs-32bit >= 4.5.1_12-2.3	Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA qemu SUSE Linux Enterprise Desktop 12 SP1 GA xen
SUSE Linux Enterprise Desktop 12 SP2	qemu >= 2.6.1-27.15 qemu-block-curl >= 2.6.1-27.15 qemu-ipxe >= 1.0.0-27.15 qemu-kvm >= 2.6.1-27.15 qemu-seabios >= 1.9.1-27.15 qemu-sgabios >= 8-27.15 qemu-tools >= 2.6.1-27.15 qemu-vgabios >= 1.9.1-27.15 qemu-x86 >= 2.6.1-27.15 xen >= 4.7.0_12-23.4 xen-libs >= 4.7.0_12-23.4 xen-libs-32bit >= 4.7.0_12-23.4	Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA qemu SUSE Linux Enterprise Desktop 12 SP2 GA xen
SUSE Linux Enterprise Desktop 12 SP3	qemu >= 2.9.0-5.10 qemu-block-curl >= 2.9.0-5.10 qemu-ipxe >= 1.0.0-5.10 qemu-kvm >= 2.9.0-5.10 qemu-seabios >= 1.10.2-5.10 qemu-sgabios >= 8-5.10 qemu-tools >= 2.9.0-5.10 qemu-vgabios >= 1.10.2-5.10 qemu-x86 >= 2.9.0-5.10 xen >= 4.9.0_08-2.2 xen-libs >= 4.9.0_08-2.2 xen-libs-32bit >= 4.9.0_08-2.2	Patchnames: SUSE Linux Enterprise Desktop 12 SP3 GA qemu SUSE Linux Enterprise Desktop 12 SP3 GA xen
SUSE Linux Enterprise Desktop 12 SP4	qemu >= 2.11.2-4.14 qemu-block-curl >= 2.11.2-4.14 qemu-ipxe >= 1.0.0-4.14 qemu-kvm >= 2.11.2-4.14 qemu-seabios >= 1.11.0-4.14 qemu-sgabios >= 8-4.14 qemu-tools >= 2.11.2-4.14 qemu-vgabios >= 1.11.0-4.14 qemu-x86 >= 2.11.2-4.14 xen >= 4.11.0_08-1.11 xen-libs >= 4.11.0_08-1.11 xen-libs-32bit >= 4.11.0_08-1.11	Patchnames: SUSE Linux Enterprise Desktop 12 SP4 GA qemu SUSE Linux Enterprise Desktop 12 SP4 GA xen
SUSE Linux Enterprise Module for Basesystem 15	qemu-tools >= 2.11.1-7.5 xen-libs >= 4.10.1_04-1.4 xen-tools-domU >= 4.10.1_04-1.4	Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA qemu-tools SUSE Linux Enterprise Module for Basesystem 15 GA xen-libs
SUSE Linux Enterprise Module for Server Applications 15	qemu >= 2.11.1-7.5 qemu-block-curl >= 2.11.1-7.5 qemu-block-iscsi >= 2.11.1-7.5 qemu-block-rbd >= 2.11.1-7.5 qemu-block-ssh >= 2.11.1-7.5 qemu-guest-agent >= 2.11.1-7.5 qemu-ipxe >= 1.0.0-7.5 qemu-kvm >= 2.11.1-7.5 qemu-lang >= 2.11.1-7.5 qemu-seabios >= 1.11.0-7.5 qemu-sgabios >= 8-7.5 qemu-vgabios >= 1.11.0-7.5 qemu-x86 >= 2.11.1-7.5 xen >= 4.10.1_04-1.4 xen-devel >= 4.10.1_04-1.4 xen-tools >= 4.10.1_04-1.4	Patchnames: SUSE Linux Enterprise Module for Server Applications 15 GA qemu SUSE Linux Enterprise Module for Server Applications 15 GA xen
SUSE Linux Enterprise Server 11 SP1-LTSS	kvm >= 0.12.5-1.26.1 xen >= 4.0.3_21548_18-0.21.1 xen-doc-html >= 4.0.3_21548_18-0.21.1 xen-doc-pdf >= 4.0.3_21548_18-0.21.1 xen-kmp-default >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-pae >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-trace >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-libs >= 4.0.3_21548_18-0.21.1 xen-tools >= 4.0.3_21548_18-0.21.1 xen-tools-domU >= 4.0.3_21548_18-0.21.1	Patchnames: slessp1-kvm slessp1-xen
SUSE Linux Enterprise Server 11 SP2-LTSS	kvm >= 0.15.1-0.29.1 xen >= 4.1.6_08-0.11.1 xen-devel >= 4.1.6_08-0.11.1 xen-doc-html >= 4.1.6_08-0.11.1 xen-doc-pdf >= 4.1.6_08-0.11.1 xen-kmp-default >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-pae >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-trace >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-libs >= 4.1.6_08-0.11.1 xen-libs-32bit >= 4.1.6_08-0.11.1 xen-tools >= 4.1.6_08-0.11.1 xen-tools-domU >= 4.1.6_08-0.11.1	Patchnames: slessp2-kvm slessp2-xen
SUSE Linux Enterprise Server 11 SP3	kvm >= 1.4.2-0.22.27.1 xen >= 4.2.5_06-0.7.1 xen-doc-html >= 4.2.5_06-0.7.1 xen-doc-pdf >= 4.2.5_06-0.7.1 xen-kmp-default >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-kmp-pae >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs >= 4.2.5_06-0.7.1 xen-libs-32bit >= 4.2.5_06-0.7.1 xen-tools >= 4.2.5_06-0.7.1 xen-tools-domU >= 4.2.5_06-0.7.1	Patchnames: slessp3-kvm slessp3-xen
SUSE Linux Enterprise Server 11 SP4	kvm >= 1.4.2-30.5 xen >= 4.4.2_08-1.7 xen-doc-html >= 4.4.2_08-1.7 xen-kmp-default >= 4.4.2_08_3.0.101_63-1.7 xen-kmp-pae >= 4.4.2_08_3.0.101_63-1.7 xen-libs >= 4.4.2_08-1.7 xen-libs-32bit >= 4.4.2_08-1.7 xen-tools >= 4.4.2_08-1.7 xen-tools-domU >= 4.4.2_08-1.7	Patchnames: SUSE Linux Enterprise Server 11 SP4 GA kvm SUSE Linux Enterprise Server 11 SP4 GA xen
SUSE Linux Enterprise Server 12	qemu >= 2.0.2-46.1 qemu-block-curl >= 2.0.2-46.1 qemu-block-rbd >= 2.0.2-46.1 qemu-guest-agent >= 2.0.2-46.1 qemu-ipxe >= 1.0.0-46.1 qemu-kvm >= 2.0.2-46.1 qemu-lang >= 2.0.2-46.1 qemu-ppc >= 2.0.2-46.1 qemu-s390 >= 2.0.2-46.1 qemu-seabios >= 1.7.4-46.1 qemu-sgabios >= 8-46.1 qemu-tools >= 2.0.2-46.1 qemu-vgabios >= 1.7.4-46.1 qemu-x86 >= 2.0.2-46.1 xen >= 4.4.2_04-18.1 xen-doc-html >= 4.4.2_04-18.1 xen-kmp-default >= 4.4.2_04_k3.12.39_47-18.1 xen-libs >= 4.4.2_04-18.1 xen-libs-32bit >= 4.4.2_04-18.1 xen-tools >= 4.4.2_04-18.1 xen-tools-domU >= 4.4.2_04-18.1	Patchnames: SUSE-SLE-SERVER-12-2015-200 SUSE-SLE-SERVER-12-2015-206
SUSE Linux Enterprise Server 12 SP1	qemu >= 2.3.1-5.7 qemu-block-curl >= 2.3.1-5.7 qemu-block-rbd >= 2.3.1-5.7 qemu-guest-agent >= 2.3.1-5.7 qemu-ipxe >= 1.0.0-5.7 qemu-kvm >= 2.3.1-5.7 qemu-lang >= 2.3.1-5.7 qemu-ppc >= 2.3.1-5.7 qemu-s390 >= 2.3.1-5.7 qemu-seabios >= 1.8.1-5.7 qemu-sgabios >= 8-5.7 qemu-tools >= 2.3.1-5.7 qemu-vgabios >= 1.8.1-5.7 qemu-x86 >= 2.3.1-5.7 xen >= 4.5.1_12-2.3 xen-doc-html >= 4.5.1_12-2.3 xen-kmp-default >= 4.5.1_12_k3.12.49_11-2.3 xen-libs >= 4.5.1_12-2.3 xen-libs-32bit >= 4.5.1_12-2.3 xen-tools >= 4.5.1_12-2.3 xen-tools-domU >= 4.5.1_12-2.3	Patchnames: SUSE Linux Enterprise Server 12 SP1 GA qemu SUSE Linux Enterprise Server 12 SP1 GA xen
SUSE Linux Enterprise Server 12 SP2	qemu >= 2.6.1-27.15 qemu-arm >= 2.6.1-27.15 qemu-block-curl >= 2.6.1-27.15 qemu-block-rbd >= 2.6.1-27.15 qemu-block-ssh >= 2.6.1-27.15 qemu-guest-agent >= 2.6.1-27.15 qemu-ipxe >= 1.0.0-27.15 qemu-kvm >= 2.6.1-27.15 qemu-lang >= 2.6.1-27.15 qemu-ppc >= 2.6.1-27.15 qemu-s390 >= 2.6.1-27.15 qemu-seabios >= 1.9.1-27.15 qemu-sgabios >= 8-27.15 qemu-tools >= 2.6.1-27.15 qemu-vgabios >= 1.9.1-27.15 qemu-x86 >= 2.6.1-27.15 xen >= 4.7.0_12-23.4 xen-doc-html >= 4.7.0_12-23.4 xen-libs >= 4.7.0_12-23.4 xen-libs-32bit >= 4.7.0_12-23.4 xen-tools >= 4.7.0_12-23.4 xen-tools-domU >= 4.7.0_12-23.4	Patchnames: SUSE Linux Enterprise Server 12 SP2 GA qemu SUSE Linux Enterprise Server 12 SP2 GA xen
SUSE Linux Enterprise Server 12 SP3	qemu >= 2.9.0-5.10 qemu-arm >= 2.9.0-5.10 qemu-block-curl >= 2.9.0-5.10 qemu-block-rbd >= 2.9.0-5.10 qemu-block-ssh >= 2.9.0-5.10 qemu-guest-agent >= 2.9.0-5.10 qemu-ipxe >= 1.0.0-5.10 qemu-kvm >= 2.9.0-5.10 qemu-lang >= 2.9.0-5.10 qemu-ppc >= 2.9.0-5.10 qemu-s390 >= 2.9.0-5.10 qemu-seabios >= 1.10.2-5.10 qemu-sgabios >= 8-5.10 qemu-tools >= 2.9.0-5.10 qemu-vgabios >= 1.10.2-5.10 qemu-x86 >= 2.9.0-5.10 xen >= 4.9.0_08-2.2 xen-doc-html >= 4.9.0_08-2.2 xen-libs >= 4.9.0_08-2.2 xen-libs-32bit >= 4.9.0_08-2.2 xen-tools >= 4.9.0_08-2.2 xen-tools-domU >= 4.9.0_08-2.2	Patchnames: SUSE Linux Enterprise Server 12 SP3 GA qemu SUSE Linux Enterprise Server 12 SP3 GA xen
SUSE Linux Enterprise Server 12 SP4	qemu >= 2.11.2-4.14 qemu-arm >= 2.11.2-4.14 qemu-block-curl >= 2.11.2-4.14 qemu-block-iscsi >= 2.11.2-4.14 qemu-block-rbd >= 2.11.2-4.14 qemu-block-ssh >= 2.11.2-4.14 qemu-guest-agent >= 2.11.2-4.14 qemu-ipxe >= 1.0.0-4.14 qemu-kvm >= 2.11.2-4.14 qemu-lang >= 2.11.2-4.14 qemu-ppc >= 2.11.2-4.14 qemu-s390 >= 2.11.2-4.14 qemu-seabios >= 1.11.0-4.14 qemu-sgabios >= 8-4.14 qemu-tools >= 2.11.2-4.14 qemu-vgabios >= 1.11.0-4.14 qemu-x86 >= 2.11.2-4.14 xen >= 4.11.0_08-1.11 xen-doc-html >= 4.11.0_08-1.11 xen-libs >= 4.11.0_08-1.11 xen-libs-32bit >= 4.11.0_08-1.11 xen-tools >= 4.11.0_08-1.11 xen-tools-domU >= 4.11.0_08-1.11	Patchnames: SUSE Linux Enterprise Server 12 SP4 GA qemu SUSE Linux Enterprise Server 12 SP4 GA xen
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	qemu >= 2.6.1-27.15 qemu-arm >= 2.6.1-27.15 qemu-block-curl >= 2.6.1-27.15 qemu-block-rbd >= 2.6.1-27.15 qemu-block-ssh >= 2.6.1-27.15 qemu-guest-agent >= 2.6.1-27.15 qemu-ipxe >= 1.0.0-27.15 qemu-lang >= 2.6.1-27.15 qemu-tools >= 2.6.1-27.15	Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA qemu
SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS	kvm >= 0.12.5-1.26.1 xen >= 4.0.3_21548_18-0.21.1 xen-doc-html >= 4.0.3_21548_18-0.21.1 xen-doc-pdf >= 4.0.3_21548_18-0.21.1 xen-kmp-default >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-pae >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-trace >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-libs >= 4.0.3_21548_18-0.21.1 xen-tools >= 4.0.3_21548_18-0.21.1 xen-tools-domU >= 4.0.3_21548_18-0.21.1	Patchnames: slessp1-kvm slessp1-xen
SUSE Linux Enterprise Server for SAP Applications 11 SP2-LTSS	kvm >= 0.15.1-0.29.1 xen >= 4.1.6_08-0.11.1 xen-devel >= 4.1.6_08-0.11.1 xen-doc-html >= 4.1.6_08-0.11.1 xen-doc-pdf >= 4.1.6_08-0.11.1 xen-kmp-default >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-pae >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-trace >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-libs >= 4.1.6_08-0.11.1 xen-libs-32bit >= 4.1.6_08-0.11.1 xen-tools >= 4.1.6_08-0.11.1 xen-tools-domU >= 4.1.6_08-0.11.1	Patchnames: slessp2-kvm slessp2-xen
SUSE Linux Enterprise Server for SAP Applications 11 SP3	kvm >= 1.4.2-0.22.27.1 xen >= 4.2.5_06-0.7.1 xen-doc-html >= 4.2.5_06-0.7.1 xen-doc-pdf >= 4.2.5_06-0.7.1 xen-kmp-default >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-kmp-pae >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs >= 4.2.5_06-0.7.1 xen-libs-32bit >= 4.2.5_06-0.7.1 xen-tools >= 4.2.5_06-0.7.1 xen-tools-domU >= 4.2.5_06-0.7.1	Patchnames: slessp3-kvm slessp3-xen
SUSE Linux Enterprise Server for SAP Applications 12	qemu >= 2.0.2-46.1 qemu-block-curl >= 2.0.2-46.1 qemu-block-rbd >= 2.0.2-46.1 qemu-guest-agent >= 2.0.2-46.1 qemu-ipxe >= 1.0.0-46.1 qemu-kvm >= 2.0.2-46.1 qemu-lang >= 2.0.2-46.1 qemu-ppc >= 2.0.2-46.1 qemu-s390 >= 2.0.2-46.1 qemu-seabios >= 1.7.4-46.1 qemu-sgabios >= 8-46.1 qemu-tools >= 2.0.2-46.1 qemu-vgabios >= 1.7.4-46.1 qemu-x86 >= 2.0.2-46.1 xen >= 4.4.2_04-18.1 xen-doc-html >= 4.4.2_04-18.1 xen-kmp-default >= 4.4.2_04_k3.12.39_47-18.1 xen-libs >= 4.4.2_04-18.1 xen-libs-32bit >= 4.4.2_04-18.1 xen-tools >= 4.4.2_04-18.1 xen-tools-domU >= 4.4.2_04-18.1	Patchnames: SUSE-SLE-SERVER-12-2015-200 SUSE-SLE-SERVER-12-2015-206
SUSE Linux Enterprise Software Development Kit 11 SP3	xen-devel >= 4.2.5_06-0.7.1	Patchnames: sdksp3-xen
SUSE Linux Enterprise Software Development Kit 11 SP4	xen-devel >= 4.4.2_08-1.7	Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12	xen >= 4.4.2_04-18.1 xen-devel >= 4.4.2_04-18.1	Patchnames: SUSE-SLE-SDK-12-2015-206
SUSE Linux Enterprise Software Development Kit 12 SP1	xen-devel >= 4.5.1_12-2.3	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP2	xen-devel >= 4.7.0_12-23.4	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP3	xen-devel >= 4.9.0_08-2.2	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP3 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP4	xen-devel >= 4.11.0_08-1.11	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP4 GA xen-devel
SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3	kvm >= 1.4.2-0.22.27.1	Builds SAT Patch Nr: 10672
SUSE Linux Enterprise Server 10 SP4 LTSS for x86	xen >= 3.2.3_17040_46-0.15.1 xen-devel >= 3.2.3_17040_46-0.15.1 xen-doc-html >= 3.2.3_17040_46-0.15.1 xen-doc-pdf >= 3.2.3_17040_46-0.15.1 xen-doc-ps >= 3.2.3_17040_46-0.15.1 xen-kmp-bigsmp >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-debug >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-default >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-kdump >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-kdumppae >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-smp >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-vmi >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-vmipae >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-libs >= 3.2.3_17040_46-0.15.1 xen-tools >= 3.2.3_17040_46-0.15.1 xen-tools-domU >= 3.2.3_17040_46-0.15.1 xen-tools-ioemu >= 3.2.3_17040_46-0.15.1	Builds ZYPP Patch Nr: 9109
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T	xen >= 3.2.3_17040_46-0.15.1 xen-devel >= 3.2.3_17040_46-0.15.1 xen-doc-html >= 3.2.3_17040_46-0.15.1 xen-doc-pdf >= 3.2.3_17040_46-0.15.1 xen-doc-ps >= 3.2.3_17040_46-0.15.1 xen-kmp-debug >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-default >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-kdump >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-kmp-smp >= 3.2.3_17040_46_2.6.16.60_0.132.1-0.15.1 xen-libs >= 3.2.3_17040_46-0.15.1 xen-libs-32bit >= 3.2.3_17040_46-0.15.1 xen-tools >= 3.2.3_17040_46-0.15.1 xen-tools-domU >= 3.2.3_17040_46-0.15.1 xen-tools-ioemu >= 3.2.3_17040_46-0.15.1	Builds ZYPP Patch Nr: 9109
SUSE Linux Enterprise Server 11 SP2 LTSS	xen-devel >= 4.1.6_08-0.11.1 xen-kmp-default >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-pae >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-trace >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-libs >= 4.1.6_08-0.11.1 xen-tools-domU >= 4.1.6_08-0.11.1	Builds SAT Patch Nr: 10685
SUSE Linux Enterprise Server 11 SP2 LTSS	xen >= 4.1.6_08-0.11.1 xen-devel >= 4.1.6_08-0.11.1 xen-doc-html >= 4.1.6_08-0.11.1 xen-doc-pdf >= 4.1.6_08-0.11.1 xen-kmp-default >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-kmp-trace >= 4.1.6_08_3.0.101_0.7.29-0.11.1 xen-libs >= 4.1.6_08-0.11.1 xen-libs-32bit >= 4.1.6_08-0.11.1 xen-tools >= 4.1.6_08-0.11.1 xen-tools-domU >= 4.1.6_08-0.11.1	Builds SAT Patch Nr: 10685
SUSE Linux Enterprise Server 11 SP2 LTSS	kvm >= 0.15.1-0.29.1	Builds SAT Patch Nr: 10682
SUSE Linux Enterprise Server 11 SP1 LTSS	kvm >= 0.12.5-1.26.1	Builds SAT Patch Nr: 10683
SUSE Linux Enterprise Server 11 SP1 LTSS	xen >= 4.0.3_21548_18-0.21.1 xen-doc-html >= 4.0.3_21548_18-0.21.1 xen-doc-pdf >= 4.0.3_21548_18-0.21.1 xen-kmp-default >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-pae >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-trace >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-libs >= 4.0.3_21548_18-0.21.1 xen-tools >= 4.0.3_21548_18-0.21.1 xen-tools-domU >= 4.0.3_21548_18-0.21.1	Builds SAT Patch Nr: 10684
SUSE Linux Enterprise Server 11 SP1 LTSS	xen >= 4.0.3_21548_18-0.21.1 xen-doc-html >= 4.0.3_21548_18-0.21.1 xen-doc-pdf >= 4.0.3_21548_18-0.21.1 xen-kmp-default >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-kmp-trace >= 4.0.3_21548_18_2.6.32.59_0.19-0.21.1 xen-libs >= 4.0.3_21548_18-0.21.1 xen-tools >= 4.0.3_21548_18-0.21.1 xen-tools-domU >= 4.0.3_21548_18-0.21.1	Builds SAT Patch Nr: 10684
SUSE Linux Enterprise Software Development Kit 11 SP3	xen-devel >= 4.2.5_06-0.7.1	Builds SAT Patch Nr: 10673
SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3	xen-kmp-default >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-kmp-pae >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs >= 4.2.5_06-0.7.1 xen-tools-domU >= 4.2.5_06-0.7.1	Builds SAT Patch Nr: 10673
SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3	xen >= 4.2.5_06-0.7.1 xen-doc-html >= 4.2.5_06-0.7.1 xen-doc-pdf >= 4.2.5_06-0.7.1 xen-kmp-default >= 4.2.5_06_3.0.101_0.47.52-0.7.1 xen-libs >= 4.2.5_06-0.7.1 xen-libs-32bit >= 4.2.5_06-0.7.1 xen-tools >= 4.2.5_06-0.7.1 xen-tools-domU >= 4.2.5_06-0.7.1	Builds SAT Patch Nr: 10673
openSUSE 13.1	python-virtualbox >= 4.2.32-2.35.1 python-virtualbox-debuginfo >= 4.2.32-2.35.1 qemu >= 1.6.2-4.8.1 qemu-debuginfo >= 1.6.2-4.8.1 qemu-debugsource >= 1.6.2-4.8.1 qemu-guest-agent >= 1.6.2-4.8.1 qemu-guest-agent-debuginfo >= 1.6.2-4.8.1 qemu-ipxe >= 1.0.0-4.8.1 qemu-lang >= 1.6.2-4.8.1 qemu-linux-user >= 1.6.2-4.8.1 qemu-linux-user-debuginfo >= 1.6.2-4.8.1 qemu-linux-user-debugsource >= 1.6.2-4.8.1 qemu-seabios >= 1.7.2.2-4.8.1 qemu-sgabios >= 8-4.8.1 qemu-tools >= 1.6.2-4.8.1 qemu-tools-debuginfo >= 1.6.2-4.8.1 qemu-vgabios >= 0.6c-4.8.1 virtualbox >= 4.2.32-2.35.1 virtualbox-debuginfo >= 4.2.32-2.35.1 virtualbox-debugsource >= 4.2.32-2.35.1 virtualbox-devel >= 4.2.32-2.35.1 virtualbox-guest-kmp-default >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-kmp-default-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-kmp-desktop >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-kmp-desktop-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-kmp-pae >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-kmp-pae-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-guest-tools >= 4.2.32-2.35.1 virtualbox-guest-tools-debuginfo >= 4.2.32-2.35.1 virtualbox-guest-x11 >= 4.2.32-2.35.1 virtualbox-guest-x11-debuginfo >= 4.2.32-2.35.1 virtualbox-host-kmp-default >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-kmp-default-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-kmp-desktop >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-kmp-desktop-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-kmp-pae >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-kmp-pae-debuginfo >= 4.2.32_k3.11.10_29-2.35.1 virtualbox-host-source >= 4.2.32-2.35.1 virtualbox-qt >= 4.2.32-2.35.1 virtualbox-qt-debuginfo >= 4.2.32-2.35.1 virtualbox-websrv >= 4.2.32-2.35.1 virtualbox-websrv-debuginfo >= 4.2.32-2.35.1 xen >= 4.3.4_04-44.1 xen-debugsource >= 4.3.4_04-44.1 xen-devel >= 4.3.4_04-44.1 xen-doc-html >= 4.3.4_04-44.1 xen-kmp-default >= 4.3.4_04_k3.11.10_29-44.1 xen-kmp-default-debuginfo >= 4.3.4_04_k3.11.10_29-44.1 xen-kmp-desktop >= 4.3.4_04_k3.11.10_29-44.1 xen-kmp-desktop-debuginfo >= 4.3.4_04_k3.11.10_29-44.1 xen-kmp-pae >= 4.3.4_04_k3.11.10_29-44.1 xen-kmp-pae-debuginfo >= 4.3.4_04_k3.11.10_29-44.1 xen-libs >= 4.3.4_04-44.1 xen-libs-32bit >= 4.3.4_04-44.1 xen-libs-debuginfo >= 4.3.4_04-44.1 xen-libs-debuginfo-32bit >= 4.3.4_04-44.1 xen-tools >= 4.3.4_04-44.1 xen-tools-debuginfo >= 4.3.4_04-44.1 xen-tools-domU >= 4.3.4_04-44.1 xen-tools-domU-debuginfo >= 4.3.4_04-44.1 xen-xend-tools >= 4.3.4_04-44.1 xen-xend-tools-debuginfo >= 4.3.4_04-44.1	Patchnames: openSUSE-2015-363 openSUSE-2015-391 openSUSE-2015-550
openSUSE Leap 15.0	qemu >= 2.11.1-lp150.6.7 qemu-block-curl >= 2.11.1-lp150.6.7 qemu-block-rbd >= 2.11.1-lp150.6.7 qemu-block-ssh >= 2.11.1-lp150.6.7 qemu-guest-agent >= 2.11.1-lp150.6.7 qemu-ipxe >= 1.0.0-lp150.6.7 qemu-ksm >= 2.11.1-lp150.6.7 qemu-seabios >= 1.11.0-lp150.6.7 qemu-sgabios >= 8-lp150.6.7 qemu-tools >= 2.11.1-lp150.6.7 qemu-vgabios >= 1.11.0-lp150.6.7 qemu-x86 >= 2.11.1-lp150.6.7 virtualbox-guest-kmp-default >= 5.2.10_k4.12.14_lp150.11-lp150.3.6 virtualbox-guest-tools >= 5.2.10-lp150.3.6 virtualbox-guest-x11 >= 5.2.10-lp150.3.6 xen-libs >= 4.10.0_20-lp150.1.2	Patchnames: openSUSE Leap 15.0 GA qemu openSUSE Leap 15.0 GA virtualbox-guest-kmp-default openSUSE Leap 15.0 GA xen-libs
openSUSE Leap 42.1	qemu >= 2.3.1-7.2 qemu-arm >= 2.3.1-7.2 qemu-block-curl >= 2.3.1-7.2 qemu-block-rbd >= 2.3.1-7.2 qemu-extra >= 2.3.1-7.2 qemu-ipxe >= 1.0.0-7.2 qemu-kvm >= 2.3.1-7.2 qemu-lang >= 2.3.1-7.2 qemu-ppc >= 2.3.1-7.2 qemu-s390 >= 2.3.1-7.2 qemu-seabios >= 1.8.1-7.2 qemu-sgabios >= 8-7.2 qemu-tools >= 2.3.1-7.2 qemu-vgabios >= 1.8.1-7.2 qemu-x86 >= 2.3.1-7.2 virtualbox >= 5.0.6-2.5 virtualbox-guest-kmp-default >= 5.0.6_k4.1.12_1-2.5 virtualbox-guest-tools >= 5.0.6-2.5 virtualbox-guest-x11 >= 5.0.6-2.5 virtualbox-host-kmp-default >= 5.0.6_k4.1.12_1-2.5 virtualbox-qt >= 5.0.6-2.5 xen >= 4.5.1_10-1.4 xen-doc-html >= 4.5.1_10-1.4 xen-kmp-default >= 4.5.1_10_k4.1.12_1-1.4 xen-libs >= 4.5.1_10-1.4 xen-tools >= 4.5.1_10-1.4 xen-tools-domU >= 4.5.1_10-1.4	Patchnames: openSUSE Leap 42.1 GA qemu openSUSE Leap 42.1 GA virtualbox openSUSE Leap 42.1 GA xen
openSUSE Leap 42.2	qemu >= 2.6.1-21.1 qemu-arm >= 2.6.1-21.1 qemu-block-curl >= 2.6.1-21.1 qemu-block-dmg >= 2.6.1-21.1 qemu-block-iscsi >= 2.6.1-21.1 qemu-block-rbd >= 2.6.1-21.1 qemu-block-ssh >= 2.6.1-21.1 qemu-extra >= 2.6.1-21.1 qemu-ipxe >= 1.0.0-21.1 qemu-kvm >= 2.6.1-21.1 qemu-lang >= 2.6.1-21.1 qemu-ppc >= 2.6.1-21.1 qemu-s390 >= 2.6.1-21.1 qemu-seabios >= 1.9.1-21.1 qemu-sgabios >= 8-21.1 qemu-tools >= 2.6.1-21.1 qemu-vgabios >= 1.9.1-21.1 qemu-x86 >= 2.6.1-21.1 virtualbox-guest-kmp-default >= 5.1.4_k4.4.27_2-1.6 virtualbox-guest-tools >= 5.1.4-1.6 virtualbox-guest-x11 >= 5.1.4-1.6 xen >= 4.7.0_12-1.6 xen-doc-html >= 4.7.0_12-1.6 xen-libs >= 4.7.0_12-1.6 xen-tools >= 4.7.0_12-1.6 xen-tools-domU >= 4.7.0_12-1.6	Patchnames: openSUSE Leap 42.2 GA qemu openSUSE Leap 42.2 GA virtualbox-guest-kmp-default openSUSE Leap 42.2 GA xen
openSUSE Leap 42.3	qemu >= 2.9.0-30.1 qemu-arm >= 2.9.0-30.1 qemu-block-curl >= 2.9.0-30.1 qemu-block-dmg >= 2.9.0-30.1 qemu-block-iscsi >= 2.9.0-30.1 qemu-block-rbd >= 2.9.0-30.1 qemu-block-ssh >= 2.9.0-30.1 qemu-extra >= 2.9.0-30.1 qemu-ipxe >= 1.0.0-30.1 qemu-ksm >= 2.9.0-30.1 qemu-kvm >= 2.9.0-30.1 qemu-lang >= 2.9.0-30.1 qemu-ppc >= 2.9.0-30.1 qemu-s390 >= 2.9.0-30.1 qemu-seabios >= 1.10.2-30.1 qemu-sgabios >= 8-30.1 qemu-tools >= 2.9.0-30.1 qemu-vgabios >= 1.10.2-30.1 qemu-x86 >= 2.9.0-30.1 virtualbox-guest-kmp-default >= 5.1.22_k4.4.76_1-20.2 virtualbox-guest-tools >= 5.1.22-20.2 virtualbox-guest-x11 >= 5.1.22-20.2 xen >= 4.9.0_08-2.1 xen-doc-html >= 4.9.0_08-2.1 xen-libs >= 4.9.0_08-2.1 xen-tools >= 4.9.0_08-2.1 xen-tools-domU >= 4.9.0_08-2.1	Patchnames: openSUSE Leap 42.3 GA qemu openSUSE Leap 42.3 GA virtualbox-guest-kmp-default openSUSE Leap 42.3 GA xen
openSUSE Tumbleweed	python-virtualbox >= 5.1.10-2.5 qemu >= 2.6.1-1.5 qemu-arm >= 2.6.1-1.5 qemu-block-curl >= 2.6.1-1.5 qemu-block-dmg >= 2.6.1-1.5 qemu-block-gluster >= 2.6.1-1.5 qemu-block-iscsi >= 2.6.1-1.5 qemu-block-ssh >= 2.6.1-1.5 qemu-extra >= 2.6.1-1.5 qemu-guest-agent >= 2.6.1-1.5 qemu-ipxe >= 1.0.0-1.5 qemu-ksm >= 2.6.1-1.5 qemu-kvm >= 2.6.1-1.5 qemu-lang >= 2.6.1-1.5 qemu-ppc >= 2.6.1-1.5 qemu-s390 >= 2.6.1-1.5 qemu-seabios >= 1.9.1-1.5 qemu-sgabios >= 8-1.5 qemu-testsuite >= 2.6.1-1.5 qemu-tools >= 2.6.1-1.5 qemu-vgabios >= 1.9.1-1.5 qemu-x86 >= 2.6.1-1.5 virtualbox >= 5.1.10-2.5 virtualbox-devel >= 5.1.10-2.5 virtualbox-guest-desktop-icons >= 5.1.10-2.5 virtualbox-guest-kmp-default >= 5.1.10_k4.8.13_1-2.5 virtualbox-guest-kmp-pae >= 5.1.10_k4.8.13_1-2.5 virtualbox-guest-tools >= 5.1.10-2.5 virtualbox-guest-x11 >= 5.1.10-2.5 virtualbox-host-kmp-default >= 5.1.10_k4.8.13_1-2.5 virtualbox-host-kmp-pae >= 5.1.10_k4.8.13_1-2.5 virtualbox-host-source >= 5.1.10-2.5 virtualbox-qt >= 5.1.10-2.5 virtualbox-websrv >= 5.1.10-2.5 xen >= 4.7.0_12-1.3 xen-devel >= 4.7.0_12-1.3 xen-doc-html >= 4.7.0_12-1.3 xen-libs >= 4.7.0_12-1.3 xen-libs-32bit >= 4.7.0_12-1.3 xen-tools >= 4.7.0_12-1.3 xen-tools-domU >= 4.7.0_12-1.3	Patchnames: openSUSE Tumbleweed GA python-virtualbox openSUSE Tumbleweed GA qemu openSUSE Tumbleweed GA xen

---

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s)	Source package	State
SUSE Linux Enterprise Desktop 11 SP1	kvm	Affected
SUSE Linux Enterprise Desktop 11 SP3	kvm	Released
SUSE Linux Enterprise Desktop 11 SP4	kvm	Already fixed
SUSE Linux Enterprise Desktop 12 GA	qemu	Released
SUSE Linux Enterprise Desktop 12 SP1	qemu	Unsupported
SUSE Linux Enterprise SDK 11 SP2	qemu	Not affected
SUSE Linux Enterprise SDK 11 SP3	qemu	Ignore
SUSE Linux Enterprise SDK 11 SP4	qemu	Ignore
SUSE Linux Enterprise Server 11 SP1	kvm	Affected
SUSE Linux Enterprise Server 11 SP1 LTSS	kvm	Affected
SUSE Linux Enterprise Server 11 SP3	kvm	Released
SUSE Linux Enterprise Server 11 SP3 LTSS	kvm	Released
SUSE Linux Enterprise Server 11 SP4	kvm	Already fixed
SUSE Linux Enterprise Server 12 GA	qemu	Released
SUSE Linux Enterprise Server 12 SP1	qemu	Unsupported
SUSE Linux Enterprise Server for SAP AIO 11 SP1	kvm	Affected
SUSE Linux Enterprise Server for SAP Applications 11 SP3	kvm	Released
SUSE Linux Enterprise Server for SAP ES 11 SP1	kvm	Affected
SUSE Studio Onsite Runner 1	kvm	Affected