Security update for xen

SUSE Security Update: Security update for xen
Announcement ID: SUSE-SU-2017:1742-1
Rating: important
References: #1027519 #1035642 #1037243 #1042160 #1042882 #1042893 #1042915 #1042923 #1042924 #1042931 #1042938
Affected Products:
  • SUSE Linux Enterprise Software Development Kit 12-SP2
  • SUSE Linux Enterprise Server 12-SP2
  • SUSE Linux Enterprise Desktop 12-SP2

  • An update that solves two vulnerabilities and has 9 fixes is now available.


    This update for xen fixes several issues.

    These security issues were fixed:

    - Page transfer might have allowed a PV guest to elevate its privileges
    (XSA-217)
    - Races in the grant table unmap code allowed information leaks and
    potentially privilege escalation (XSA-218, bsc#1042893)
    - Insufficient reference counts during shadow emulation allowed a
    malicious pair of guests to elevate their privileges to the privileges
    that Xen runs under (XSA-219, bsc#1042915)
    - A missing NULL pointer check in event channel poll allowed guests to DoS
    the host (XSA-221, bsc#1042924)
    - Stale P2M mappings due to insufficient error checking allowed a malicious
    guest to leak information or elevate privileges (XSA-222, bsc#1042931)
    - Grant table operations mishandled reference counts, allowing malicious
    guests to escape (XSA-224, bsc#1042938)
    - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users
    to cause a denial of service (infinite loop) by leveraging an incorrect
    return value (bsc#1042160)
    - CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers
    to cause a denial of service (memory consumption) by repeatedly starting
    and stopping audio capture (bsc#1037243)
    - PKRU and BND* register state leaked between vCPUs, which might have
    exposed information to other guests (XSA-220, bsc#1042923)

    These non-security issues were fixed:

    - bsc#1027519: Included various upstream patches
    - bsc#1035642: Ensure that rpmbuild works

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Software Development Kit 12-SP2:
      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1087=1
    • SUSE Linux Enterprise Server 12-SP2:
      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1087=1
    • SUSE Linux Enterprise Desktop 12-SP2:
      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1087=1

    To bring your system up-to-date, use "zypper patch".
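    A short check that the installed xen package is at or above the fixed
    version from the Package List below. This is an added example, not part of
    the SUSE advisory or of SUSE's tooling; it assumes GNU sort -V is available
    (it is on SLES 12) and that the version string is produced by
    rpm -q --qf '%{VERSION}-%{RELEASE}' xen. The function names and the sample
    version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): decide whether an installed xen
# package version is at or above the version shipped by this update.

# Fixed version from the advisory's Package List (VERSION-RELEASE as rpm prints it).
FIXED_XEN_VERSION="4.7.2_06-42.1"

# version_ge A B: exit 0 when A >= B in "natural" version order.
# Assumes GNU coreutils sort -V; equal strings sort together, so A == B passes.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# xen_is_patched VERSION: VERSION is the installed package's VERSION-RELEASE,
# e.g. "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' xen)" on a real host.
xen_is_patched() {
    version_ge "$1" "$FIXED_XEN_VERSION"
}

# Usage on a host (not executed here; the verifier has no rpm database):
#   if xen_is_patched "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' xen)"; then
#       echo "xen package is at or above $FIXED_XEN_VERSION"
#   else
#       echo "xen package is older than $FIXED_XEN_VERSION; run zypper patch"
#   fi
```

    Note that a passing package check only says the fixed files are on disk:
    the hypervisor fixes (the XSA items) take effect after the host is rebooted
    into the updated xen binary, and the qemu fixes (CVE-2017-9330,
    CVE-2017-8309) apply to HVM guests only once their device model has been
    restarted.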

    Package List:

    • SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64):
      • xen-debugsource-4.7.2_06-42.1
      • xen-devel-4.7.2_06-42.1
    • SUSE Linux Enterprise Server 12-SP2 (x86_64):
      • xen-4.7.2_06-42.1
      • xen-debugsource-4.7.2_06-42.1
      • xen-doc-html-4.7.2_06-42.1
      • xen-libs-32bit-4.7.2_06-42.1
      • xen-libs-4.7.2_06-42.1
      • xen-libs-debuginfo-32bit-4.7.2_06-42.1
      • xen-libs-debuginfo-4.7.2_06-42.1
      • xen-tools-4.7.2_06-42.1
      • xen-tools-debuginfo-4.7.2_06-42.1
      • xen-tools-domU-4.7.2_06-42.1
      • xen-tools-domU-debuginfo-4.7.2_06-42.1
    • SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
      • xen-4.7.2_06-42.1
      • xen-debugsource-4.7.2_06-42.1
      • xen-libs-32bit-4.7.2_06-42.1
      • xen-libs-4.7.2_06-42.1
      • xen-libs-debuginfo-32bit-4.7.2_06-42.1
      • xen-libs-debuginfo-4.7.2_06-42.1