Upstream information

CVE-2012-3433 at MITRE

Description

Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.94
Vector AV:L/AC:L/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entries: 773393 [CLOSED / FIXED], 773401 [CLOSED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • xen >= 4.4.1_06-2.2
  • xen-kmp-default >= 4.4.1_06_k3.12.28_4-2.2
  • xen-libs >= 4.4.1_06-2.2
  • xen-libs-32bit >= 4.4.1_06-2.2
Patchnames:
SUSE Linux Enterprise Desktop 12 GA xen
SUSE Linux Enterprise Desktop 12 SP1
  • xen >= 4.5.1_12-2.3
  • xen-kmp-default >= 4.5.1_12_k3.12.49_11-2.3
  • xen-libs >= 4.5.1_12-2.3
  • xen-libs-32bit >= 4.5.1_12-2.3
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA xen
SUSE Linux Enterprise Desktop 12 SP2
  • xen >= 4.7.0_12-23.4
  • xen-libs >= 4.7.0_12-23.4
  • xen-libs-32bit >= 4.7.0_12-23.4
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA xen
SUSE Linux Enterprise Desktop 12 SP3
  • xen >= 4.9.0_08-2.2
  • xen-libs >= 4.9.0_08-2.2
  • xen-libs-32bit >= 4.9.0_08-2.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA xen
SUSE Linux Enterprise Server 11 SP1
  • vm-install >= 0.4.34-0.3.1
  • xen >= 4.0.3_21548_08-0.7.1
  • xen-doc-html >= 4.0.3_21548_08-0.7.1
  • xen-doc-pdf >= 4.0.3_21548_08-0.7.1
  • xen-kmp-default >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-pae >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-trace >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-libs >= 4.0.3_21548_08-0.7.1
  • xen-tools >= 4.0.3_21548_08-0.7.1
  • xen-tools-domU >= 4.0.3_21548_08-0.7.1
Patchnames:
slessp1-xen-201208
SUSE Linux Enterprise Server 11 SP3
  • xen >= 4.2.2_04-0.7.5
  • xen-doc-html >= 4.2.2_04-0.7.5
  • xen-doc-pdf >= 4.2.2_04-0.7.5
  • xen-kmp-default >= 4.2.2_04_3.0.76_0.11-0.7.5
  • xen-kmp-pae >= 4.2.2_04_3.0.76_0.11-0.7.5
  • xen-libs >= 4.2.2_04-0.7.5
  • xen-libs-32bit >= 4.2.2_04-0.7.5
  • xen-tools >= 4.2.2_04-0.7.5
  • xen-tools-domU >= 4.2.2_04-0.7.5
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA xen
SUSE Linux Enterprise Server 11 SP4
  • xen >= 4.4.2_08-1.7
  • xen-doc-html >= 4.4.2_08-1.7
  • xen-kmp-default >= 4.4.2_08_3.0.101_63-1.7
  • xen-kmp-pae >= 4.4.2_08_3.0.101_63-1.7
  • xen-libs >= 4.4.2_08-1.7
  • xen-libs-32bit >= 4.4.2_08-1.7
  • xen-tools >= 4.4.2_08-1.7
  • xen-tools-domU >= 4.4.2_08-1.7
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA xen
SUSE Linux Enterprise Server 12
  • xen >= 4.4.1_06-2.2
  • xen-doc-html >= 4.4.1_06-2.2
  • xen-kmp-default >= 4.4.1_06_k3.12.28_4-2.2
  • xen-libs >= 4.4.1_06-2.2
  • xen-libs-32bit >= 4.4.1_06-2.2
  • xen-tools >= 4.4.1_06-2.2
  • xen-tools-domU >= 4.4.1_06-2.2
Patchnames:
SUSE Linux Enterprise Server 12 GA xen
SUSE Linux Enterprise Server 12 SP1
  • xen >= 4.5.1_12-2.3
  • xen-doc-html >= 4.5.1_12-2.3
  • xen-kmp-default >= 4.5.1_12_k3.12.49_11-2.3
  • xen-libs >= 4.5.1_12-2.3
  • xen-libs-32bit >= 4.5.1_12-2.3
  • xen-tools >= 4.5.1_12-2.3
  • xen-tools-domU >= 4.5.1_12-2.3
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA xen
SUSE Linux Enterprise Server 12 SP2
  • xen >= 4.7.0_12-23.4
  • xen-doc-html >= 4.7.0_12-23.4
  • xen-libs >= 4.7.0_12-23.4
  • xen-libs-32bit >= 4.7.0_12-23.4
  • xen-tools >= 4.7.0_12-23.4
  • xen-tools-domU >= 4.7.0_12-23.4
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA xen
SUSE Linux Enterprise Server 12 SP3
  • xen >= 4.9.0_08-2.2
  • xen-doc-html >= 4.9.0_08-2.2
  • xen-libs >= 4.9.0_08-2.2
  • xen-libs-32bit >= 4.9.0_08-2.2
  • xen-tools >= 4.9.0_08-2.2
  • xen-tools-domU >= 4.9.0_08-2.2
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA xen
SUSE Linux Enterprise Software Development Kit 11 SP4
  • xen-devel >= 4.4.2_08-1.7
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12
  • xen-devel >= 4.4.1_06-2.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • xen-devel >= 4.5.1_12-2.3
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • xen-devel >= 4.7.0_12-23.4
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA xen-devel
SUSE Linux Enterprise Software Development Kit 12 SP3
  • xen-devel >= 4.9.0_08-2.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA xen-devel
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libvirt-devel >= 0.9.6-0.21.3
  • libvirt-devel-32bit >= 0.9.6-0.21.3
  • xen-devel >= 4.1.2_20-0.5.2
sles11-sp2.x86-64
sled11-sp2.x86-64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6640
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
  • libvirt >= 0.9.6-0.21.3
  • libvirt-client >= 0.9.6-0.21.3
  • libvirt-client-32bit >= 0.9.6-0.21.3
  • libvirt-doc >= 0.9.6-0.21.3
  • libvirt-python >= 0.9.6-0.21.3
  • virt-manager >= 0.9.0-3.19.1
  • vm-install >= 0.5.10-0.5.1
  • xen >= 4.1.2_20-0.5.2
  • xen-doc-html >= 4.1.2_20-0.5.2
  • xen-doc-pdf >= 4.1.2_20-0.5.2
  • xen-kmp-default >= 4.1.2_20_3.0.38_0.5-0.5.2
  • xen-kmp-trace >= 4.1.2_20_3.0.38_0.5-0.5.2
  • xen-libs >= 4.1.2_20-0.5.2
  • xen-libs-32bit >= 4.1.2_20-0.5.2
  • xen-tools >= 4.1.2_20-0.5.2
  • xen-tools-domU >= 4.1.2_20-0.5.2
sles11-sp2.x86-64
sled11-sp2.x86-64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6640
SUSE Linux Enterprise Software Development Kit 11 SP1
  • xen-devel >= 4.0.3_21548_08-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
SUSE Linux Enterprise Desktop 11 SP1
  • vm-install >= 0.4.34-0.3.1
  • xen >= 4.0.3_21548_08-0.7.1
  • xen-kmp-default >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-pae >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-libs >= 4.0.3_21548_08-0.7.1
  • xen-tools >= 4.0.3_21548_08-0.7.1
  • xen-tools-domU >= 4.0.3_21548_08-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
SUSE Linux Enterprise Desktop 11 SP1
  • vm-install >= 0.4.34-0.3.1
  • xen >= 4.0.3_21548_08-0.7.1
  • xen-kmp-default >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-libs >= 4.0.3_21548_08-0.7.1
  • xen-tools >= 4.0.3_21548_08-0.7.1
  • xen-tools-domU >= 4.0.3_21548_08-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
SUSE Linux Enterprise Server 11 SP1
  • vm-install >= 0.4.34-0.3.1
  • xen >= 4.0.3_21548_08-0.7.1
  • xen-doc-html >= 4.0.3_21548_08-0.7.1
  • xen-doc-pdf >= 4.0.3_21548_08-0.7.1
  • xen-kmp-default >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-trace >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-libs >= 4.0.3_21548_08-0.7.1
  • xen-tools >= 4.0.3_21548_08-0.7.1
  • xen-tools-domU >= 4.0.3_21548_08-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
SUSE Linux Enterprise Server 11 SP1 for VMware
  • xen-kmp-trace >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
SUSE Linux Enterprise Server 11 SP1
  • vm-install >= 0.4.34-0.3.1
  • xen >= 4.0.3_21548_08-0.7.1
  • xen-doc-html >= 4.0.3_21548_08-0.7.1
  • xen-doc-pdf >= 4.0.3_21548_08-0.7.1
  • xen-kmp-default >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-pae >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-kmp-trace >= 4.0.3_21548_08_2.6.32.59_0.7-0.7.1
  • xen-libs >= 4.0.3_21548_08-0.7.1
  • xen-tools >= 4.0.3_21548_08-0.7.1
  • xen-tools-domU >= 4.0.3_21548_08-0.7.1
sle11-sp1-sdk.x86-64
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sles11-sp1-vmware.x86
sles11-sp1.x86-64
sled11-sp1.x86
sles11-sp1.x86
sles11-sp1-vmware.x86-64
SAT Patch Nr: 6653
openSUSE 11.4
  • xen >= 4.0.3_04-45.1
  • xen-debugsource >= 4.0.3_04-45.1
  • xen-devel >= 4.0.3_04-45.1
  • xen-doc-html >= 4.0.3_04-45.1
  • xen-doc-pdf >= 4.0.3_04-45.1
  • xen-kmp-default >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-kmp-default-debuginfo >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-kmp-desktop >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-kmp-desktop-debuginfo >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-kmp-pae >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-kmp-pae-debuginfo >= 4.0.3_04_k2.6.37.6_0.20-45.1
  • xen-libs >= 4.0.3_04-45.1
  • xen-libs-debuginfo >= 4.0.3_04-45.1
  • xen-tools >= 4.0.3_04-45.1
  • xen-tools-debuginfo >= 4.0.3_04-45.1
  • xen-tools-domU >= 4.0.3_04-45.1
  • xen-tools-domU-debuginfo >= 4.0.3_04-45.1
Patchnames:
openSUSE-2012-596
openSUSE Leap 42.1
  • xen >= 4.5.1_10-1.4
  • xen-doc-html >= 4.5.1_10-1.4
  • xen-kmp-default >= 4.5.1_10_k4.1.12_1-1.4
  • xen-libs >= 4.5.1_10-1.4
  • xen-tools >= 4.5.1_10-1.4
  • xen-tools-domU >= 4.5.1_10-1.4
Patchnames:
openSUSE Leap 42.1 GA xen
openSUSE Leap 42.2
  • xen >= 4.7.0_12-1.6
  • xen-doc-html >= 4.7.0_12-1.6
  • xen-libs >= 4.7.0_12-1.6
  • xen-tools >= 4.7.0_12-1.6
  • xen-tools-domU >= 4.7.0_12-1.6
Patchnames:
openSUSE Leap 42.2 GA xen
openSUSE Leap 42.3
  • xen >= 4.9.0_08-2.1
  • xen-doc-html >= 4.9.0_08-2.1
  • xen-libs >= 4.9.0_08-2.1
  • xen-tools >= 4.9.0_08-2.1
  • xen-tools-domU >= 4.9.0_08-2.1
Patchnames:
openSUSE Leap 42.3 GA xen
openSUSE Tumbleweed
  • xen >= 4.7.0_12-1.3
  • xen-devel >= 4.7.0_12-1.3
  • xen-doc-html >= 4.7.0_12-1.3
  • xen-libs >= 4.7.0_12-1.3
  • xen-libs-32bit >= 4.7.0_12-1.3
  • xen-tools >= 4.7.0_12-1.3
  • xen-tools-domU >= 4.7.0_12-1.3
Patchnames:
openSUSE Tumbleweed GA xen