Upstream information

CVE-2017-7980 at MITRE

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE information

CVSS v2 Scores
  SUSE
Base Score 4.05
Vector AV:L/AC:M/Au:S/C:P/I:P/A:P
Access Vector Local
Access Complexity Medium
Authentication Single
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1035406 [CONFIRMED], 1035483 [RESOLVED / ]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP1
  • xen >= 4.5.5_10-22.14.1
  • xen-kmp-default >= 4.5.5_10_k3.12.69_60.64.35-22.14.1
  • xen-libs >= 4.5.5_10-22.14.1
  • xen-libs-32bit >= 4.5.5_10-22.14.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP1-2017-661
SUSE Linux Enterprise Point of Sale 11 SP3
  • xen >= 4.2.5_21-41.1
  • xen-kmp-default >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-kmp-pae >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-libs >= 4.2.5_21-41.1
  • xen-tools-domU >= 4.2.5_21-41.1
Patchnames:
sleposp3-xen-13085
SUSE Linux Enterprise Server 11 SP3-LTSS
  • xen >= 4.2.5_21-41.1
  • xen-doc-html >= 4.2.5_21-41.1
  • xen-doc-pdf >= 4.2.5_21-41.1
  • xen-kmp-default >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-kmp-pae >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-libs >= 4.2.5_21-41.1
  • xen-libs-32bit >= 4.2.5_21-41.1
  • xen-tools >= 4.2.5_21-41.1
  • xen-tools-domU >= 4.2.5_21-41.1
Patchnames:
slessp3-xen-13085
SUSE Linux Enterprise Server 11 SP4
  • xen >= 4.4.4_18-57.1
  • xen-doc-html >= 4.4.4_18-57.1
  • xen-kmp-default >= 4.4.4_18_3.0.101_97-57.1
  • xen-kmp-pae >= 4.4.4_18_3.0.101_97-57.1
  • xen-libs >= 4.4.4_18-57.1
  • xen-libs-32bit >= 4.4.4_18-57.1
  • xen-tools >= 4.4.4_18-57.1
  • xen-tools-domU >= 4.4.4_18-57.1
Patchnames:
slessp4-xen-13084
SUSE Linux Enterprise Server 12 SP1
  • xen >= 4.5.5_10-22.14.1
  • xen-doc-html >= 4.5.5_10-22.14.1
  • xen-kmp-default >= 4.5.5_10_k3.12.69_60.64.35-22.14.1
  • xen-libs >= 4.5.5_10-22.14.1
  • xen-libs-32bit >= 4.5.5_10-22.14.1
  • xen-tools >= 4.5.5_10-22.14.1
  • xen-tools-domU >= 4.5.5_10-22.14.1
Patchnames:
SUSE-SLE-SERVER-12-SP1-2017-661
SUSE Linux Enterprise Server 12-LTSS
  • xen >= 4.4.4_18-22.39.1
  • xen-doc-html >= 4.4.4_18-22.39.1
  • xen-kmp-default >= 4.4.4_18_k3.12.61_52.69-22.39.1
  • xen-libs >= 4.4.4_18-22.39.1
  • xen-libs-32bit >= 4.4.4_18-22.39.1
  • xen-tools >= 4.4.4_18-22.39.1
  • xen-tools-domU >= 4.4.4_18-22.39.1
Patchnames:
SUSE-SLE-SERVER-12-2017-665
SUSE Linux Enterprise Software Development Kit 11 SP4
  • xen >= 4.4.4_18-57.1
  • xen-devel >= 4.4.4_18-57.1
Patchnames:
sdksp4-xen-13084
SUSE Linux Enterprise Software Development Kit 12 SP1
  • xen >= 4.5.5_10-22.14.1
  • xen-devel >= 4.5.5_10-22.14.1
Patchnames:
SUSE-SLE-SDK-12-SP1-2017-661
SUSE Linux Enterprise for SAP 12
  • xen >= 4.4.4_18-22.39.1
  • xen-doc-html >= 4.4.4_18-22.39.1
  • xen-kmp-default >= 4.4.4_18_k3.12.61_52.69-22.39.1
  • xen-libs >= 4.4.4_18-22.39.1
  • xen-libs-32bit >= 4.4.4_18-22.39.1
  • xen-tools >= 4.4.4_18-22.39.1
  • xen-tools-domU >= 4.4.4_18-22.39.1
Patchnames:
SUSE-SLE-SAP-12-2017-665
SUSE Manager 2.1
  • xen >= 4.2.5_21-41.1
  • xen-doc-html >= 4.2.5_21-41.1
  • xen-doc-pdf >= 4.2.5_21-41.1
  • xen-kmp-default >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-libs >= 4.2.5_21-41.1
  • xen-libs-32bit >= 4.2.5_21-41.1
  • xen-tools >= 4.2.5_21-41.1
  • xen-tools-domU >= 4.2.5_21-41.1
Patchnames:
sleman21-xen-13085
SUSE Manager Proxy 2.1
  • xen >= 4.2.5_21-41.1
  • xen-doc-html >= 4.2.5_21-41.1
  • xen-doc-pdf >= 4.2.5_21-41.1
  • xen-kmp-default >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-libs >= 4.2.5_21-41.1
  • xen-libs-32bit >= 4.2.5_21-41.1
  • xen-tools >= 4.2.5_21-41.1
  • xen-tools-domU >= 4.2.5_21-41.1
Patchnames:
slemap21-xen-13085
SUSE OpenStack Cloud 5
  • xen >= 4.2.5_21-41.1
  • xen-doc-html >= 4.2.5_21-41.1
  • xen-doc-pdf >= 4.2.5_21-41.1
  • xen-kmp-default >= 4.2.5_21_3.0.101_0.47.99-41.1
  • xen-libs >= 4.2.5_21-41.1
  • xen-libs-32bit >= 4.2.5_21-41.1
  • xen-tools >= 4.2.5_21-41.1
  • xen-tools-domU >= 4.2.5_21-41.1
Patchnames:
sleclo50sp3-xen-13085

List of packages in QA

Product(s) Package(s)
SUSE Linux Enterprise Desktop 12 SP2
  • qemu >= 2.6.2-41.16.1
  • qemu-block-curl >= 2.6.2-41.16.1
  • qemu-block-curl-debuginfo >= 2.6.2-41.16.1
  • qemu-debugsource >= 2.6.2-41.16.1
  • qemu-ipxe >= 1.0.0-41.16.1
  • qemu-kvm >= 2.6.2-41.16.1
  • qemu-seabios >= 1.9.1-41.16.1
  • qemu-sgabios >= 8-41.16.1
  • qemu-tools >= 2.6.2-41.16.1
  • qemu-tools-debuginfo >= 2.6.2-41.16.1
  • qemu-vgabios >= 1.9.1-41.16.1
  • qemu-x86 >= 2.6.2-41.16.1
SUSE Linux Enterprise Server 12 SP2
  • qemu >= 2.6.2-41.16.1
  • qemu-arm >= 2.6.2-41.16.1
  • qemu-arm-debuginfo >= 2.6.2-41.16.1
  • qemu-block-curl >= 2.6.2-41.16.1
  • qemu-block-curl-debuginfo >= 2.6.2-41.16.1
  • qemu-block-rbd >= 2.6.2-41.16.1
  • qemu-block-rbd-debuginfo >= 2.6.2-41.16.1
  • qemu-block-ssh >= 2.6.2-41.16.1
  • qemu-block-ssh-debuginfo >= 2.6.2-41.16.1
  • qemu-debugsource >= 2.6.2-41.16.1
  • qemu-guest-agent >= 2.6.2-41.16.1
  • qemu-guest-agent-debuginfo >= 2.6.2-41.16.1
  • qemu-ipxe >= 1.0.0-41.16.1
  • qemu-kvm >= 2.6.2-41.16.1
  • qemu-lang >= 2.6.2-41.16.1
  • qemu-ppc >= 2.6.2-41.16.1
  • qemu-ppc-debuginfo >= 2.6.2-41.16.1
  • qemu-s390 >= 2.6.2-41.16.1
  • qemu-s390-debuginfo >= 2.6.2-41.16.1
  • qemu-seabios >= 1.9.1-41.16.1
  • qemu-sgabios >= 8-41.16.1
  • qemu-tools >= 2.6.2-41.16.1
  • qemu-tools-debuginfo >= 2.6.2-41.16.1
  • qemu-vgabios >= 1.9.1-41.16.1
  • qemu-x86 >= 2.6.2-41.16.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • qemu >= 2.6.2-41.16.1
  • qemu-arm >= 2.6.2-41.16.1
  • qemu-arm-debuginfo >= 2.6.2-41.16.1
  • qemu-block-curl >= 2.6.2-41.16.1
  • qemu-block-curl-debuginfo >= 2.6.2-41.16.1
  • qemu-block-rbd >= 2.6.2-41.16.1
  • qemu-block-rbd-debuginfo >= 2.6.2-41.16.1
  • qemu-block-ssh >= 2.6.2-41.16.1
  • qemu-block-ssh-debuginfo >= 2.6.2-41.16.1
  • qemu-debugsource >= 2.6.2-41.16.1
  • qemu-guest-agent >= 2.6.2-41.16.1
  • qemu-guest-agent-debuginfo >= 2.6.2-41.16.1
  • qemu-ipxe >= 1.0.0-41.16.1
  • qemu-lang >= 2.6.2-41.16.1
  • qemu-tools >= 2.6.2-41.16.1
  • qemu-tools-debuginfo >= 2.6.2-41.16.1


List of planned updates

The following information is the current evaluation information for this security issue. It might neither be accurate nor complete, Use at own risk.
Product(s) Source package
  • SUSE Linux Enterprise Server for SAP 11 SP3
xen