Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2016.3174.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:3174-1)
Summary:The remote host is missing an update for the 'xen' package(s) announced via the SUSE-SU-2016:3174-1 advisory.
Description:Summary:
The remote host is missing an update for the 'xen' package(s) announced via the SUSE-SU-2016:3174-1 advisory.

Vulnerability Insight:
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-9637: ioport array overflow allowing a malicious guest
administrator can escalate their privilege to that of the host
(bsc#1011652)
- CVE-2016-9386: x86 null segments were not always treated as unusable
allowing an unprivileged guest user program to elevate its privilege to
that of the guest operating system. Exploit of this vulnerability is
easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a
unprivileged guest process to escalate its privilege to that of the
guest operating system on AMD hardware. On Intel hardware a malicious
unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9385: x86 segment base write emulation lacked canonical address
checks, allowing a malicious guest administrator to crash the host
(bsc#1009104)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken,
allowing a guest to modify arbitrary memory leading to arbitrary code
execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest
administrators take over the qemu process, elevating their privilege to
that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed
guest administrators to obtain the contents of sensitive host files or
delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed
guest administrators to obtain the contents of sensitive host files or
delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which
allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM
register state information belonging to arbitrary tasks on the guest by
modifying an instruction while the hypervisor is preparing to emulate it
(bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c
allowed local guest OS administrators to cause a denial of service
(infinite loop and CPU consumption) by leveraging failure to limit the
ring descriptor count (bsc#1007157)
- CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c
allowed local guest OS administrators to cause a denial of service
(infinite loop and CPU consumption) via an entry with the same value for
buffer length and pointer position (bsc#1007160)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed
local guest OS administrators to cause a denial of service
(divide-by-zero error and QEMU process crash) via a large interval timer
reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c
allowed local guest OS administrators to cause a denial of service
(divide-by-zero error and QEMU process crash) via vectors involving a
value of divider greater than ba... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'xen' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-7777
BugTraq ID: 93344
http://www.securityfocus.com/bid/93344
https://security.gentoo.org/glsa/201611-09
http://www.securitytracker.com/id/1036942
Common Vulnerability Exposure (CVE) ID: CVE-2016-7908
BugTraq ID: 93273
http://www.securityfocus.com/bid/93273
https://security.gentoo.org/glsa/201611-11
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/10/03/2
http://www.openwall.com/lists/oss-security/2016/10/03/5
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
SuSE Security Announcement: openSUSE-SU-2016:3237 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7909
BugTraq ID: 93275
http://www.securityfocus.com/bid/93275
http://www.openwall.com/lists/oss-security/2016/10/03/3
http://www.openwall.com/lists/oss-security/2016/10/03/6
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8576
BugTraq ID: 93469
http://www.securityfocus.com/bid/93469
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
http://www.openwall.com/lists/oss-security/2016/10/10/6
http://www.openwall.com/lists/oss-security/2016/10/10/12
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
RedHat Security Advisories: RHSA-2017:2392
https://access.redhat.com/errata/RHSA-2017:2392
RedHat Security Advisories: RHSA-2017:2408
https://access.redhat.com/errata/RHSA-2017:2408
Common Vulnerability Exposure (CVE) ID: CVE-2016-8667
BugTraq ID: 93567
http://www.securityfocus.com/bid/93567
http://www.openwall.com/lists/oss-security/2016/10/14/6
http://www.openwall.com/lists/oss-security/2016/10/15/4
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8669
BugTraq ID: 93563
http://www.securityfocus.com/bid/93563
http://www.openwall.com/lists/oss-security/2016/10/14/9
http://www.openwall.com/lists/oss-security/2016/10/15/5
Common Vulnerability Exposure (CVE) ID: CVE-2016-8909
BugTraq ID: 93842
http://www.securityfocus.com/bid/93842
http://www.openwall.com/lists/oss-security/2016/10/24/1
http://www.openwall.com/lists/oss-security/2016/10/24/4
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8910
BugTraq ID: 93844
http://www.securityfocus.com/bid/93844
http://www.openwall.com/lists/oss-security/2016/10/24/2
http://www.openwall.com/lists/oss-security/2016/10/24/5
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9379
BugTraq ID: 94473
http://www.securityfocus.com/bid/94473
https://security.gentoo.org/glsa/201612-56
http://www.securitytracker.com/id/1037347
Common Vulnerability Exposure (CVE) ID: CVE-2016-9380
Common Vulnerability Exposure (CVE) ID: CVE-2016-9381
BugTraq ID: 94476
http://www.securityfocus.com/bid/94476
http://www.securitytracker.com/id/1037344
Common Vulnerability Exposure (CVE) ID: CVE-2016-9382
BugTraq ID: 94470
http://www.securityfocus.com/bid/94470
http://www.securitytracker.com/id/1037341
Common Vulnerability Exposure (CVE) ID: CVE-2016-9383
BugTraq ID: 94474
http://www.securityfocus.com/bid/94474
http://www.securitytracker.com/id/1037346
Common Vulnerability Exposure (CVE) ID: CVE-2016-9385
BugTraq ID: 94472
http://www.securityfocus.com/bid/94472
http://www.securitytracker.com/id/1037342
Common Vulnerability Exposure (CVE) ID: CVE-2016-9386
BugTraq ID: 94471
http://www.securityfocus.com/bid/94471
http://www.securitytracker.com/id/1037340
Common Vulnerability Exposure (CVE) ID: CVE-2016-9637
BugTraq ID: 94699
http://www.securityfocus.com/bid/94699
https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html
RedHat Security Advisories: RHSA-2016:2963
http://rhn.redhat.com/errata/RHSA-2016-2963.html
http://www.securitytracker.com/id/1037397
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.