Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:1044-1)
Summary:The remote host is missing an update for the 'Xen ' package(s) announced via the SUSE-SU-2012:1044-1 advisory.
The remote host is missing an update for the 'Xen ' package(s) announced via the SUSE-SU-2012:1044-1 advisory.

Vulnerability Insight:
Xen was updated to fix several security issues:


CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host.


CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was fixed.


CVE-2012-2625: The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash).

Also the following bug in XEN was fixed:

* bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory

This update also included bugfixes for:

* vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest

Security Issue references:

* CVE-2012-3432
* CVE-2012-3433
* CVE-2012-2625

Affected Software/OS:
'Xen ' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP1, SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Desktop 11 SP1

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2625
BugTraq ID: 53650
RedHat Security Advisories: RHSA-2012:1130
SuSE Security Announcement: SUSE-SU-2012:1043 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1044 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1135 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1172 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1174 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1572 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1573 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2012-3432
BugTraq ID: 54691
Debian Security Information: DSA-2531 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2012-3433
BugTraq ID: 54942
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.