Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:1318-1)
Summary:The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2014:1318-1 advisory.
The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2014:1318-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to fix various bugs and security issues.

The following security issues have been fixed:

* XSA-108: CVE-2014-7188: Improper MSR range used for x2APIC emulation
* XSA-106: CVE-2014-7156: Missing privilege level checks in x86
emulation of software interrupts (bnc#895802)
* XSA-105: CVE-2014-7155: Missing privilege level checks in x86 HLT,
LGDT, LIDT, and LMSW emulation (bnc#895799)
* XSA-104: CVE-2014-7154: Race condition in HVMOP_track_dirty_vram
* XSA-100: CVE-2014-4021: Hypervisor heap contents leaked to guests
* XSA-96: CVE-2014-3967, CVE-2014-3968: Vulnerabilities in HVM MSI
injection (bnc#878841)
* XSA-89: CVE-2014-2599: HVMOP_set_mem_access is not preemptible
* XSA-65: CVE-2013-4344: qemu SCSI REPORT LUNS buffer overflow
* CVE-2013-4540: qemu: zaurus: buffer overrun on invalid state load

The following non-security issues have been fixed:

* xend: Fix netif convertToDeviceNumber for running domains
* Installing SLES12 as a VM on SLES11 SP3 fails because of btrfs in
the VM (bnc#882092)
* XEN kernel panic do_device_not_available() (bnc#881900)
* Boot Failure with xen kernel in UEFI mode with error 'No memory for
trampoline' (bnc#833483)
* SLES 11 SP3 vm-install should get RHEL 7 support when released
* SLES 11 SP3 XEN kiso version cause softlockup on 8 blades npar(480
cpu) (bnc#858178)
* Local attach support for PHY backends using scripts
local_attach_support_for_phy.patch (bnc#865682)
* Improve multipath support for npiv devices block-npiv (bnc#798770)

Security Issues:

* CVE-2013-4344
* CVE-2013-4540
* CVE-2014-2599
* CVE-2014-3967
* CVE-2014-3968
* CVE-2014-4021
* CVE-2014-7154
* CVE-2014-7155
* CVE-2014-7156
* CVE-2014-7188

Affected Software/OS:
'Xen' package(s) on SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Software Development Kit 11 SP3.

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4344
BugTraq ID: 62773
RedHat Security Advisories: RHSA-2013:1553
RedHat Security Advisories: RHSA-2013:1754
SuSE Security Announcement: openSUSE-SU-2014:1279 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:1281 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-4540
Common Vulnerability Exposure (CVE) ID: CVE-2014-2599
BugTraq ID: 66407
Debian Security Information: DSA-3006 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-3967
BugTraq ID: 67794
Common Vulnerability Exposure (CVE) ID: CVE-2014-3968
BugTraq ID: 67824
Common Vulnerability Exposure (CVE) ID: CVE-2014-4021
BugTraq ID: 68070
Common Vulnerability Exposure (CVE) ID: CVE-2014-7154
Debian Security Information: DSA-3041 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-7155
BugTraq ID: 70057
Common Vulnerability Exposure (CVE) ID: CVE-2014-7156
BugTraq ID: 70062
Common Vulnerability Exposure (CVE) ID: CVE-2014-7188
BugTraq ID: 70198
XForce ISS Database: xen-cve20147188-dos(96785)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.