Security update for Xen
SUSE Security Update: Security update for Xen
XEN received various security and bugfixes:
* CVE-2012-4535: xen: Timer overflow DoS vulnerability
(XSA-20)
* CVE-2012-4537: xen: Memory mapping failure DoS
vulnerability (XSA-22)
The following additional bugs have beenfixed:
* bnc#784087 - L3: Xen BUG at io_apic.c:129
26102-x86-IOAPIC-legacy-not-first.patch
* Upstream patches from Jan
25927-x86-domctl-ioport-mapping-range.patch
25931-x86-domctl-iomem-mapping-checks.patch
26061-x86-oprof-counter-range.patch
25431-x86-EDD-MBR-sig-check.patch
25480-x86_64-sysret-canonical.patch
25481-x86_64-AMD-erratum-121.patch
25485-x86_64-canonical-checks.patch
25587-param-parse-limit.patch
25589-pygrub-size-limits.patch
25744-hypercall-return-long.patch
25765-x86_64-allow-unsafe-adjust.patch
25773-x86-honor-no-real-mode.patch
25786-x86-prefer-multiboot-meminfo-over-e801.patch
25808-domain_create-return-value.patch
25814-x86_64-set-debugreg-guest.patch
24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch
25200-x86_64-trap-bounce-flags.patch
25271-x86_64-IST-index.patch
*
bnc#651093 - win2k8 guests are unable to restore
after saving the vms state ept-novell-x64.patch
23800-x86_64-guest-addr-range.patch
24168-x86-vioapic-clear-remote_irr.patch
24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch
*
bnc#713555 - Unable to install RHEL 6.1 x86 as a
paravirtualized guest OS on SLES 10 SP4 x86
vm-install-0.2.19.tar.bz2
Security Issue references:
* CVE-2012-4539
>
* CVE-2012-3497
>
* CVE-2012-4411
>
* CVE-2012-4535
>
* CVE-2012-4537
>
* CVE-2012-4536
>
* CVE-2012-4538
>
* CVE-2012-4539
>
* CVE-2012-4544
>
Announcement ID: | SUSE-SU-2012:1487-1 |
Rating: | important |
References: | #651093 #713555 #784087 #786516 #786517 |
Affected Products: |
An update that fixes 8 vulnerabilities is now available.
Description:
XEN received various security and bugfixes:
* CVE-2012-4535: xen: Timer overflow DoS vulnerability
(XSA-20)
* CVE-2012-4537: xen: Memory mapping failure DoS
vulnerability (XSA-22)
The following additional bugs have beenfixed:
* bnc#784087 - L3: Xen BUG at io_apic.c:129
26102-x86-IOAPIC-legacy-not-first.patch
* Upstream patches from Jan
25927-x86-domctl-ioport-mapping-range.patch
25931-x86-domctl-iomem-mapping-checks.patch
26061-x86-oprof-counter-range.patch
25431-x86-EDD-MBR-sig-check.patch
25480-x86_64-sysret-canonical.patch
25481-x86_64-AMD-erratum-121.patch
25485-x86_64-canonical-checks.patch
25587-param-parse-limit.patch
25589-pygrub-size-limits.patch
25744-hypercall-return-long.patch
25765-x86_64-allow-unsafe-adjust.patch
25773-x86-honor-no-real-mode.patch
25786-x86-prefer-multiboot-meminfo-over-e801.patch
25808-domain_create-return-value.patch
25814-x86_64-set-debugreg-guest.patch
24742-gnttab-misc.patch 25098-x86-emul-lock-UD.patch
25200-x86_64-trap-bounce-flags.patch
25271-x86_64-IST-index.patch
*
bnc#651093 - win2k8 guests are unable to restore
after saving the vms state ept-novell-x64.patch
23800-x86_64-guest-addr-range.patch
24168-x86-vioapic-clear-remote_irr.patch
24453-x86-vIRQ-IRR-TMR-race.patch 24456-x86-emul-lea.patch
*
bnc#713555 - Unable to install RHEL 6.1 x86 as a
paravirtualized guest OS on SLES 10 SP4 x86
vm-install-0.2.19.tar.bz2
Security Issue references:
* CVE-2012-4539
* CVE-2012-3497
* CVE-2012-4411
* CVE-2012-4535
* CVE-2012-4537
* CVE-2012-4536
* CVE-2012-4538
* CVE-2012-4539
* CVE-2012-4544
Package List:
- SUSE Linux Enterprise Server 10 SP4 (x86_64):
- xen-3.2.3_17040_42-0.7.2
- xen-devel-3.2.3_17040_42-0.7.2
- xen-doc-html-3.2.3_17040_42-0.7.2
- xen-doc-pdf-3.2.3_17040_42-0.7.2
- xen-doc-ps-3.2.3_17040_42-0.7.2
- xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-libs-3.2.3_17040_42-0.7.2
- xen-libs-32bit-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.2
- xen-tools-domU-3.2.3_17040_42-0.7.2
- xen-tools-ioemu-3.2.3_17040_42-0.7.2
- SUSE Linux Enterprise Server 10 SP4 (i586):
- xen-3.2.3_17040_42-0.7.1
- xen-devel-3.2.3_17040_42-0.7.1
- xen-doc-html-3.2.3_17040_42-0.7.1
- xen-doc-pdf-3.2.3_17040_42-0.7.1
- xen-doc-ps-3.2.3_17040_42-0.7.1
- xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-kdumppae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-vmi-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-vmipae-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-libs-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.1
- xen-tools-domU-3.2.3_17040_42-0.7.1
- xen-tools-ioemu-3.2.3_17040_42-0.7.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
- xen-3.2.3_17040_42-0.7.2
- xen-devel-3.2.3_17040_42-0.7.2
- xen-doc-html-3.2.3_17040_42-0.7.2
- xen-doc-pdf-3.2.3_17040_42-0.7.2
- xen-doc-ps-3.2.3_17040_42-0.7.2
- xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-libs-3.2.3_17040_42-0.7.2
- xen-libs-32bit-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.2
- xen-tools-domU-3.2.3_17040_42-0.7.2
- xen-tools-ioemu-3.2.3_17040_42-0.7.2
- SUSE Linux Enterprise Desktop 10 SP4 (i586):
- xen-3.2.3_17040_42-0.7.1
- xen-devel-3.2.3_17040_42-0.7.1
- xen-doc-html-3.2.3_17040_42-0.7.1
- xen-doc-pdf-3.2.3_17040_42-0.7.1
- xen-doc-ps-3.2.3_17040_42-0.7.1
- xen-kmp-bigsmp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-default-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-smp-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-libs-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.1
- xen-tools-domU-3.2.3_17040_42-0.7.1
- xen-tools-ioemu-3.2.3_17040_42-0.7.1
- SLE SDK 10 SP4 (x86_64):
- xen-3.2.3_17040_42-0.7.2
- xen-devel-3.2.3_17040_42-0.7.2
- xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.11-0.7.2
- xen-libs-3.2.3_17040_42-0.7.2
- xen-libs-32bit-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.2
- xen-tools-ioemu-3.2.3_17040_42-0.7.2
- SLE SDK 10 SP4 (i586):
- xen-3.2.3_17040_42-0.7.1
- xen-devel-3.2.3_17040_42-0.7.1
- xen-kmp-debug-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-kmp-kdump-3.2.3_17040_42_2.6.16.60_0.99.8-0.7.1
- xen-libs-3.2.3_17040_42-0.7.1
- xen-tools-3.2.3_17040_42-0.7.1
- xen-tools-ioemu-3.2.3_17040_42-0.7.1
References:
- http://support.novell.com/security/cve/CVE-2012-3497.html
- http://support.novell.com/security/cve/CVE-2012-4411.html
- http://support.novell.com/security/cve/CVE-2012-4535.html
- http://support.novell.com/security/cve/CVE-2012-4536.html
- http://support.novell.com/security/cve/CVE-2012-4537.html
- http://support.novell.com/security/cve/CVE-2012-4538.html
- http://support.novell.com/security/cve/CVE-2012-4539.html
- http://support.novell.com/security/cve/CVE-2012-4544.html
- https://bugzilla.novell.com/651093
- https://bugzilla.novell.com/713555
- https://bugzilla.novell.com/784087
- https://bugzilla.novell.com/786516
- https://bugzilla.novell.com/786517
- http://download.suse.com/patch/finder/?keywords=1e9042debead5d88c23444a904a4e0c9