Upstream information
CVE-2007-3919 at MITRE
Description
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
CVSS v2 Scores
| National Vulnerability Database |
Base Score | 6 |
Vector | AV:L/AC:M/Au:S/C:N/I:C/A:C |
Access Vector | Local |
Access Complexity | Medium |
Authentication | Single |
Confidentiality Impact | None |
Integrity Impact | Complete |
Availability Impact | Complete |
SUSE Bugzilla entry:
334445 [RESOLVED / FIXED]
No SUSE Security Announcements cross referenced.
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4 | xen-devel >= 4.4.2_08-1.7
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA xen-devel-4.4.2_08-1.7 |
SUSE Linux Enterprise Server 11 SP1 | xen >= 4.0.0_21091_04-0.2.6
xen-doc-html >= 4.0.0_21091_04-0.2.6
xen-doc-pdf >= 4.0.0_21091_04-0.2.6
xen-kmp-default >= 4.0.0_21091_04_2.6.32.12_0.7-0.2.6
xen-kmp-pae >= 4.0.0_21091_04_2.6.32.12_0.7-0.2.6
xen-libs >= 4.0.0_21091_04-0.2.6
xen-tools >= 4.0.0_21091_04-0.2.6
xen-tools-domU >= 4.0.0_21091_04-0.2.6
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA xen-4.0.0_21091_04-0.2.6 |
SUSE Linux Enterprise Server 11 SP2 | xen >= 4.1.2_14-0.5.5
xen-doc-html >= 4.1.2_14-0.5.5
xen-doc-pdf >= 4.1.2_14-0.5.5
xen-kmp-default >= 4.1.2_14_3.0.13_0.27-0.5.5
xen-kmp-pae >= 4.1.2_14_3.0.13_0.27-0.5.5
xen-libs >= 4.1.2_14-0.5.5
xen-libs-32bit >= 4.1.2_14-0.5.5
xen-tools >= 4.1.2_14-0.5.5
xen-tools-domU >= 4.1.2_14-0.5.5
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA xen-4.1.2_14-0.5.5 |
SUSE Linux Enterprise Server 11 SP3 | xen >= 4.2.2_04-0.7.5
xen-doc-html >= 4.2.2_04-0.7.5
xen-doc-pdf >= 4.2.2_04-0.7.5
xen-kmp-default >= 4.2.2_04_3.0.76_0.11-0.7.5
xen-kmp-pae >= 4.2.2_04_3.0.76_0.11-0.7.5
xen-libs >= 4.2.2_04-0.7.5
xen-libs-32bit >= 4.2.2_04-0.7.5
xen-tools >= 4.2.2_04-0.7.5
xen-tools-domU >= 4.2.2_04-0.7.5
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA xen-4.2.2_04-0.7.5 |
SUSE Linux Enterprise Server 11 SP4 | xen >= 4.4.2_08-1.7
xen-devel >= 4.4.2_08-1.7
xen-doc-html >= 4.4.2_08-1.7
xen-kmp-default >= 4.4.2_08_3.0.101_63-1.7
xen-kmp-pae >= 4.4.2_08_3.0.101_63-1.7
xen-libs >= 4.4.2_08-1.7
xen-libs-32bit >= 4.4.2_08-1.7
xen-tools >= 4.4.2_08-1.7
xen-tools-domU >= 4.4.2_08-1.7
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA xen-4.4.2_08-1.7 SUSE Linux Enterprise Software Development Kit 11 SP4 GA xen-devel-4.4.2_08-1.7 |
openSUSE Tumbleweed | xen >= 4.15.1_01-1.2
xen-devel >= 4.15.1_01-1.2
xen-doc-html >= 4.15.1_01-1.2
xen-libs >= 4.15.1_01-1.2
xen-libs-32bit >= 4.15.1_01-1.2
xen-tools >= 4.15.1_01-1.2
xen-tools-domU >= 4.15.1_01-1.2
xen-tools-xendomains-wait-disk >= 4.15.1_01-1.2
| Patchnames: openSUSE Tumbleweed GA xen-4.15.1_01-1.2 |