Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Xen
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Xen
ID: openSUSE-SU-2017:0008-1
Distribution: SUSE
Plattformen: openSUSE 13.2
Datum: Mo, 2. Januar 2017, 23:16
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9932
Applikationen: Xen

Originalnachricht

 
   openSUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:0008-1
Rating:             important
References:         #1000106 #1000195 #1002496 #1003030 #1003032 
                    #1004016 #1005004 #1005005 #1007157 #1007160 
                    #1009100 #1009103 #1009104 #1009107 #1009109 
                    #1009111 #1011652 #1012651 #1014298 #1016340 
                    #953518 
Cross-References:   CVE-2016-10013 CVE-2016-10024 CVE-2016-7777
                    CVE-2016-7908 CVE-2016-7909 CVE-2016-8576
                    CVE-2016-8667 CVE-2016-8669 CVE-2016-8909
                    CVE-2016-8910 CVE-2016-9379 CVE-2016-9380
                    CVE-2016-9381 CVE-2016-9382 CVE-2016-9383
                    CVE-2016-9385 CVE-2016-9386 CVE-2016-9637
                    CVE-2016-9932
Affected Products:
                    openSUSE 13.2
______________________________________________________________________________

   An update that solves 19 vulnerabilities and has two fixes
   is now available.

Description:


   This updates xen to version 4.4.4_06 to fix the following issues:

   - An unprivileged user in a guest could gain guest could escalate
     privilege to that of the guest kernel, if it had could invoke the
     instruction emulator. Only 64-bit x86 HVM guest were affected. Linux
     guest have not been vulnerable. (boo#1016340, CVE-2016-10013)
   - An unprivileged user in a 64 bit x86 guest could gain information from
     the host, crash the host or gain privilege of the host (boo#1009107,
     CVE-2016-9383)
   - An unprivileged guest process could (unintentionally or maliciously)
     obtain
     or ocorrupt sensitive information of other programs in the same guest.
      Only x86 HVM guests have been affected. The attacker needs to be able
      to trigger the Xen instruction emulator. (boo#1000106, CVE-2016-7777)
   - A guest on x86 systems could read small parts of hypervisor stack data
     (boo#1012651, CVE-2016-9932)
   - A malicious guest kernel could hang or crash the host system
     (boo#1014298, CVE-2016-10024)
   - A malicious guest administrator could escalate their privilege to that
     of the host. Only affects x86 HVM guests using qemu older version 1.6.0
     or using the qemu-xen-traditional. (boo#1011652, CVE-2016-9637)
   - An unprivileged guest user could escalate privilege to that of the guest
     administrator on x86 HVM guests, especially on Intel CPUs (boo#1009100,
     CVE-2016-9386)
   - An unprivileged guest user could escalate privilege to that of the guest
     administrator (on AMD CPUs) or crash the system (on Intel CPUs) on
     32-bit x86 HVM guests. Only guest operating systems that allowed a new
     task to start in VM86 mode were affected. (boo#1009103, CVE-2016-9382)
   - A malicious guest administrator could crash the host on x86 PV guests
     only (boo#1009104, CVE-2016-9385)
   - A malicious guest administrator could get privilege of the host emulator
     process on x86 HVM guests. (boo#1009109, CVE-2016-9381)
   - A vulnerability in pygrub allowed a malicious guest administrator to
     obtain the contents of sensitive host files, or even delete those files
     (boo#1009111, CVE-2016-9379, CVE-2016-9380)
   - A privileged guest user could cause an infinite loop in the RTL8139
     ethernet emulation to consume CPU cycles on the host, causing a DoS
     situation (boo#1007157, CVE-2016-8910)
   - A privileged guest user could cause an infinite loop in the intel-hda
     sound emulation to consume CPU cycles on the host, causing a DoS
     situation (boo#1007160, CVE-2016-8909)
   - A privileged guest user could cause a crash of the emulator process on
     the host by exploiting a divide by zero vulnerability of the JAZZ RC4030
     chipset emulation (boo#1005004 CVE-2016-8667)
   - A privileged guest user could cause a crash of the emulator process on
     the host by exploiting a divide by zero issue of the 16550A UART
     emulation (boo#1005005, CVE-2016-8669)
   - A privileged guest user could cause an infinite loop in the USB xHCI
     emulation, causing a DoS situation on the host (boo#1004016,
     CVE-2016-8576)
   - A privileged guest user could cause an infinite loop in the ColdFire
     Fash Ethernet Controller emulation, causing a DoS situation on the host
     (boo#1003030, CVE-2016-7908)
   - A privileged guest user could cause an infinite loop in the AMD PC-Net
     II emulation, causing a DoS situation on the host (boo#1003032,
     CVE-2016-7909)
   - Cause a reload of clvm in the block-dmmd script to avoid a blocking
     lvchange call (boo#1002496)
   - Also unplug SCSI disks in qemu-xen-traditional for upstream unplug
     protocol. Before a single SCSI storage devices added to HVM guests could
     appear multiple times in the guest. (boo#953518)
   - Fix a kernel panic / black screen when trying to boot a XEN kernel on
     some UEFI firmwares (boo#1000195)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2017-5=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      xen-debugsource-4.4.4_06-58.1
      xen-devel-4.4.4_06-58.1
      xen-libs-4.4.4_06-58.1
      xen-libs-debuginfo-4.4.4_06-58.1
      xen-tools-domU-4.4.4_06-58.1
      xen-tools-domU-debuginfo-4.4.4_06-58.1

   - openSUSE 13.2 (x86_64):

      xen-4.4.4_06-58.1
      xen-doc-html-4.4.4_06-58.1
      xen-kmp-default-4.4.4_06_k3.16.7_53-58.1
      xen-kmp-default-debuginfo-4.4.4_06_k3.16.7_53-58.1
      xen-kmp-desktop-4.4.4_06_k3.16.7_53-58.1
      xen-kmp-desktop-debuginfo-4.4.4_06_k3.16.7_53-58.1
      xen-libs-32bit-4.4.4_06-58.1
      xen-libs-debuginfo-32bit-4.4.4_06-58.1
      xen-tools-4.4.4_06-58.1
      xen-tools-debuginfo-4.4.4_06-58.1


References:

   https://www.suse.com/security/cve/CVE-2016-10013.html
   https://www.suse.com/security/cve/CVE-2016-10024.html
   https://www.suse.com/security/cve/CVE-2016-7777.html
   https://www.suse.com/security/cve/CVE-2016-7908.html
   https://www.suse.com/security/cve/CVE-2016-7909.html
   https://www.suse.com/security/cve/CVE-2016-8576.html
   https://www.suse.com/security/cve/CVE-2016-8667.html
   https://www.suse.com/security/cve/CVE-2016-8669.html
   https://www.suse.com/security/cve/CVE-2016-8909.html
   https://www.suse.com/security/cve/CVE-2016-8910.html
   https://www.suse.com/security/cve/CVE-2016-9379.html
   https://www.suse.com/security/cve/CVE-2016-9380.html
   https://www.suse.com/security/cve/CVE-2016-9381.html
   https://www.suse.com/security/cve/CVE-2016-9382.html
   https://www.suse.com/security/cve/CVE-2016-9383.html
   https://www.suse.com/security/cve/CVE-2016-9385.html
   https://www.suse.com/security/cve/CVE-2016-9386.html
   https://www.suse.com/security/cve/CVE-2016-9637.html
   https://www.suse.com/security/cve/CVE-2016-9932.html
   https://bugzilla.suse.com/1000106
   https://bugzilla.suse.com/1000195
   https://bugzilla.suse.com/1002496
   https://bugzilla.suse.com/1003030
   https://bugzilla.suse.com/1003032
   https://bugzilla.suse.com/1004016
   https://bugzilla.suse.com/1005004
   https://bugzilla.suse.com/1005005
   https://bugzilla.suse.com/1007157
   https://bugzilla.suse.com/1007160
   https://bugzilla.suse.com/1009100
   https://bugzilla.suse.com/1009103
   https://bugzilla.suse.com/1009104
   https://bugzilla.suse.com/1009107
   https://bugzilla.suse.com/1009109
   https://bugzilla.suse.com/1009111
   https://bugzilla.suse.com/1011652
   https://bugzilla.suse.com/1012651
   https://bugzilla.suse.com/1014298
   https://bugzilla.suse.com/1016340
   https://bugzilla.suse.com/953518

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung