Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-8866 (GCVE-0-2014-8866)
Vulnerability from cvelistv5 – Published: 2014-12-01 15:00 – Updated: 2024-08-06 13:26
VLAI?
EPSS
Summary
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201504-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"name": "62672",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX201794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX200288"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"name": "DSA-3140",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"name": "openSUSE-SU-2015:0226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"name": "openSUSE-SU-2015:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"name": "71332",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71332"
},
{
"name": "59937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201504-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"name": "62672",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX201794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX200288"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"name": "DSA-3140",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"name": "openSUSE-SU-2015:0226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"name": "openSUSE-SU-2015:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"name": "71332",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71332"
},
{
"name": "59937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201504-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"name": "62672",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62672"
},
{
"name": "http://support.citrix.com/article/CTX201794",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201794"
},
{
"name": "http://support.citrix.com/article/CTX200288",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX200288"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-111.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"name": "DSA-3140",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"name": "openSUSE-SU-2015:0226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"name": "openSUSE-SU-2015:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"name": "71332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71332"
},
{
"name": "59937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8866",
"datePublished": "2014-12-01T15:00:00",
"dateReserved": "2014-11-14T00:00:00",
"dateUpdated": "2024-08-06T13:26:02.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB157D09-B91B-486A-A9F7-C9BA75AE8823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA95119D-EAF1-48D4-AE7C-0C4927D06CDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D40E4E4-3FCB-4980-8DD2-49DDABCB398E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F7D1B7E-C30F-430F-832D-2A405DA1F2D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7C1D0AD-B804-474C-96A3-988BADA0DAD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DCD1F05-9F96-40DD-B506-750E87306325\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60BADA43-94D5-4E80-B5C8-D01A0249F13E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"550223A9-B9F1-440A-8C25-9F0F76AF7301\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC734D58-96E5-4DD2-8781-F8E0ADB96462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CEC1BF-1922-410D-BCBA-C58199F574C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"923F2C2B-4A65-4823-B511-D0FEB7C7FAB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D532B60-C8DD-4A2F-9D05-E574D23EB754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D83CA8B-8E49-45FA-8FAB-C15052474542\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27537DF5-7E0F-463F-BA87-46E329EE07AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EA4F978-9145-4FE6-B4F9-15207E52C40A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22A995FD-9B7F-4DF0-BECF-4B086E470F1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"219597E2-E2D7-4647-8A7C-688B96300158\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65E55950-EACA-4209-B2A1-E09026FC6006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47640819-FC43-49ED-8A77-728C3D7255B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0E23B94-1726-4F63-84BB-8D83FAB156D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1044792C-D544-457C-9391-4F3B5BAB978D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF23B21B-594A-42E2-AF90-D5C4246B39A4\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A10BC294-9196-425F-9FB0-B1625465B47F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.\"}, {\"lang\": \"es\", \"value\": \"La traducci\\u00f3n del argumento de hiperllamadas del modo de compatibilidad en Xen 3.3.x hasta 4.4.x, cuando funciona en un hipervisor de 64 bits, permite a invitados locales de HVM de 32 bits causar una denegaci\\u00f3n de servicio (ca\\u00edda del anfitri\\u00f3n) a trav\\u00e9s de vectores que involucran la alteraci\\u00f3n de las mitades altas de registros mientras en el modo de 64 bits.\"}]",
"id": "CVE-2014-8866",
"lastModified": "2024-11-21T02:19:51.723",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.7, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-12-01T15:59:08.797",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/59937\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/62672\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://support.citrix.com/article/CTX200288\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.citrix.com/article/CTX201794\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3140\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/71332\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-111.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201504-04\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/59937\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/62672\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://support.citrix.com/article/CTX200288\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.citrix.com/article/CTX201794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/71332\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-111.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201504-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-17\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-8866\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-12-01T15:59:08.797\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.\"},{\"lang\":\"es\",\"value\":\"La traducci\u00f3n del argumento de hiperllamadas del modo de compatibilidad en Xen 3.3.x hasta 4.4.x, cuando funciona en un hipervisor de 64 bits, permite a invitados locales de HVM de 32 bits causar una denegaci\u00f3n de servicio (ca\u00edda del anfitri\u00f3n) a trav\u00e9s de vectores que involucran la alteraci\u00f3n de las mitades altas de registros mientras en el modo de 64 bits.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":4.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-17\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB157D09-B91B-486A-A9F7-C9BA75AE8823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA95119D-EAF1-48D4-AE7C-0C4927D06CDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D40E4E4-3FCB-4980-8DD2-49DDABCB398E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7D1B7E-C30F-430F-832D-2A405DA1F2D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7C1D0AD-B804-474C-96A3-988BADA0DAD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DCD1F05-9F96-40DD-B506-750E87306325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BADA43-94D5-4E80-B5C8-D01A0249F13E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550223A9-B9F1-440A-8C25-9F0F76AF7301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC734D58-96E5-4DD2-8781-F8E0ADB96462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CEC1BF-1922-410D-BCBA-C58199F574C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"923F2C2B-4A65-4823-B511-D0FEB7C7FAB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D532B60-C8DD-4A2F-9D05-E574D23EB754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D83CA8B-8E49-45FA-8FAB-C15052474542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27537DF5-7E0F-463F-BA87-46E329EE07AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EA4F978-9145-4FE6-B4F9-15207E52C40A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22A995FD-9B7F-4DF0-BECF-4B086E470F1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"219597E2-E2D7-4647-8A7C-688B96300158\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65E55950-EACA-4209-B2A1-E09026FC6006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47640819-FC43-49ED-8A77-728C3D7255B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E23B94-1726-4F63-84BB-8D83FAB156D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1044792C-D544-457C-9391-4F3B5BAB978D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF23B21B-594A-42E2-AF90-D5C4246B39A4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59937\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62672\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://support.citrix.com/article/CTX200288\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.citrix.com/article/CTX201794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3140\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/71332\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-111.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-04\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62672\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://support.citrix.com/article/CTX200288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.citrix.com/article/CTX201794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/71332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-111.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
GHSA-GQM4-JX6M-62VQ
Vulnerability from github – Published: 2022-05-14 02:05 – Updated: 2022-05-14 02:05
VLAI?
Details
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.
{
"affected": [],
"aliases": [
"CVE-2014-8866"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-12-01T15:59:00Z",
"severity": "MODERATE"
},
"details": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.",
"id": "GHSA-gqm4-jx6m-62vq",
"modified": "2022-05-14T02:05:36Z",
"published": "2022-05-14T02:05:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8866"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59937"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/62672"
},
{
"type": "WEB",
"url": "http://support.citrix.com/article/CTX200288"
},
{
"type": "WEB",
"url": "http://support.citrix.com/article/CTX201794"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/71332"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
CERTFR-2014-AVI-504
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Citrix XenServer. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "XenServer 6.1.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.2.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.0.2",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-8866",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8866"
},
{
"name": "CVE-2014-8867",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
},
{
"name": "CVE-2014-8595",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8595"
},
{
"name": "CVE-2014-1666",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1666"
}
],
"links": [],
"reference": "CERTFR-2014-AVI-504",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-12-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCitrix XenServer\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un contournement de la politique de s\u00e9curit\u00e9 et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX200288 du 03 d\u00e9cembre 2014",
"url": "http://support.citrix.com/article/CTX200288"
}
]
}
CERTFR-2014-AVI-504
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Citrix XenServer. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "XenServer 6.1.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.2.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.0.2",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "XenServer 6.0",
"product": {
"name": "XenServer",
"vendor": {
"name": "Citrix",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-8866",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8866"
},
{
"name": "CVE-2014-8867",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
},
{
"name": "CVE-2014-8595",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8595"
},
{
"name": "CVE-2014-1666",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1666"
}
],
"links": [],
"reference": "CERTFR-2014-AVI-504",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-12-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCitrix XenServer\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un contournement de la politique de s\u00e9curit\u00e9 et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX200288 du 03 d\u00e9cembre 2014",
"url": "http://support.citrix.com/article/CTX200288"
}
]
}
SUSE-SU-2015:0940-1
Vulnerability from csaf_suse - Published: 2012-11-22 17:59 - Updated: 2012-11-22 17:59Summary
Security update for Xen
Notes
Title of the patch
Security update for Xen
Description of the patch
This update fixes the following security issues in Xen:
* CVE-2012-5510: Grant table version switch list corruption
vulnerability (XSA-26)
* CVE-2012-5511: Several HVM operations do not validate the range of
their inputs (XSA-27)
* CVE-2012-5513: XENMEM_exchange may overwrite hypervisor memory
(XSA-29)
* CVE-2012-5514: Missing unlock in
guest_physmap_mark_populate_on_demand() (XSA-30)
* CVE-2012-5515: Several memory hypercall operations allow invalid
extent order values (XSA-31)
Also the following fix has been applied:
* bnc#777628 - guest 'disappears' after live migration
Updated block-dmmd script
Security Issues references:
* CVE-2012-5513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5513>
* CVE-2012-5514
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5514>
* CVE-2012-5511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5511>
* CVE-2012-5510
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5510>
* CVE-2012-5515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5515>
Patchnames
slessp1-xen
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following security issues in Xen:\n\n * CVE-2012-5510: Grant table version switch list corruption\n vulnerability (XSA-26)\n * CVE-2012-5511: Several HVM operations do not validate the range of\n their inputs (XSA-27)\n * CVE-2012-5513: XENMEM_exchange may overwrite hypervisor memory\n (XSA-29)\n * CVE-2012-5514: Missing unlock in\n guest_physmap_mark_populate_on_demand() (XSA-30)\n * CVE-2012-5515: Several memory hypercall operations allow invalid\n extent order values (XSA-31)\n\nAlso the following fix has been applied:\n\n * bnc#777628 - guest \u0027disappears\u0027 after live migration\n Updated block-dmmd script\n\nSecurity Issues references:\n\n * CVE-2012-5513\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5513\u003e\n * CVE-2012-5514\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5514\u003e\n * CVE-2012-5511\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5511\u003e\n * CVE-2012-5510\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5510\u003e\n * CVE-2012-5515\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5515\u003e\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp1-xen",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0940-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0940-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150940-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0940-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-May/001404.html"
},
{
"category": "self",
"summary": "SUSE Bug 777628",
"url": "https://bugzilla.suse.com/777628"
},
{
"category": "self",
"summary": "SUSE Bug 789944",
"url": "https://bugzilla.suse.com/789944"
},
{
"category": "self",
"summary": "SUSE Bug 789945",
"url": "https://bugzilla.suse.com/789945"
},
{
"category": "self",
"summary": "SUSE Bug 789948",
"url": "https://bugzilla.suse.com/789948"
},
{
"category": "self",
"summary": "SUSE Bug 789950",
"url": "https://bugzilla.suse.com/789950"
},
{
"category": "self",
"summary": "SUSE Bug 789951",
"url": "https://bugzilla.suse.com/789951"
},
{
"category": "self",
"summary": "SUSE Bug 826717",
"url": "https://bugzilla.suse.com/826717"
},
{
"category": "self",
"summary": "SUSE Bug 880751",
"url": "https://bugzilla.suse.com/880751"
},
{
"category": "self",
"summary": "SUSE Bug 895798",
"url": "https://bugzilla.suse.com/895798"
},
{
"category": "self",
"summary": "SUSE Bug 895799",
"url": "https://bugzilla.suse.com/895799"
},
{
"category": "self",
"summary": "SUSE Bug 895802",
"url": "https://bugzilla.suse.com/895802"
},
{
"category": "self",
"summary": "SUSE Bug 903850",
"url": "https://bugzilla.suse.com/903850"
},
{
"category": "self",
"summary": "SUSE Bug 903967",
"url": "https://bugzilla.suse.com/903967"
},
{
"category": "self",
"summary": "SUSE Bug 903970",
"url": "https://bugzilla.suse.com/903970"
},
{
"category": "self",
"summary": "SUSE Bug 905465",
"url": "https://bugzilla.suse.com/905465"
},
{
"category": "self",
"summary": "SUSE Bug 905467",
"url": "https://bugzilla.suse.com/905467"
},
{
"category": "self",
"summary": "SUSE Bug 906439",
"url": "https://bugzilla.suse.com/906439"
},
{
"category": "self",
"summary": "SUSE Bug 927967",
"url": "https://bugzilla.suse.com/927967"
},
{
"category": "self",
"summary": "SUSE Bug 929339",
"url": "https://bugzilla.suse.com/929339"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5510 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5511 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5513 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5514 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5515 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-3495 page",
"url": "https://www.suse.com/security/cve/CVE-2013-3495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-4021 page",
"url": "https://www.suse.com/security/cve/CVE-2014-4021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7154 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7155 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7156 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8594 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8595 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8866 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8867 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9030 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3340 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3456 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3456/"
}
],
"title": "Security update for Xen",
"tracking": {
"current_release_date": "2012-11-22T17:59:15Z",
"generator": {
"date": "2012-11-22T17:59:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0940-1",
"initial_release_date": "2012-11-22T17:59:15Z",
"revision_history": [
{
"date": "2012-11-22T17:59:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-4.0.3_21548_12-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-doc-html-4.0.3_21548_12-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"product": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"product_id": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"product": {
"name": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"product_id": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"product": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"product_id": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-libs-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-libs-4.0.3_21548_12-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-tools-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-tools-4.0.3_21548_12-0.3.1.i586"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"product": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"product_id": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-4.0.3_21548_12-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"product": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"product_id": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"product": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"product_id": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-libs-4.0.3_21548_12-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-tools-4.0.3_21548_12-0.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"product": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"product_id": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp1:teradata"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
},
"product_reference": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
},
"product_reference": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586"
},
"product_reference": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
},
"product_reference": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
},
"product_reference": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-libs-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-tools-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
},
"product_reference": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
},
"product_reference": "xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586"
},
"product_reference": "xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586"
},
"product_reference": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64"
},
"product_reference": "xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-libs-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-tools-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586"
},
"product_reference": "xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
},
"product_reference": "xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-5510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5510"
}
],
"notes": [
{
"category": "general",
"text": "Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5510",
"url": "https://www.suse.com/security/cve/CVE-2012-5510"
},
{
"category": "external",
"summary": "SUSE Bug 789945 for CVE-2012-5510",
"url": "https://bugzilla.suse.com/789945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2012-5510"
},
{
"cve": "CVE-2012-5511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5511"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5511",
"url": "https://www.suse.com/security/cve/CVE-2012-5511"
},
{
"category": "external",
"summary": "SUSE Bug 789944 for CVE-2012-5511",
"url": "https://bugzilla.suse.com/789944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2012-5511"
},
{
"cve": "CVE-2012-5513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5513"
}
],
"notes": [
{
"category": "general",
"text": "The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5513",
"url": "https://www.suse.com/security/cve/CVE-2012-5513"
},
{
"category": "external",
"summary": "SUSE Bug 789951 for CVE-2012-5513",
"url": "https://bugzilla.suse.com/789951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2012-5513"
},
{
"cve": "CVE-2012-5514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5514"
}
],
"notes": [
{
"category": "general",
"text": "The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5514",
"url": "https://www.suse.com/security/cve/CVE-2012-5514"
},
{
"category": "external",
"summary": "SUSE Bug 789948 for CVE-2012-5514",
"url": "https://bugzilla.suse.com/789948"
},
{
"category": "external",
"summary": "SUSE Bug 789988 for CVE-2012-5514",
"url": "https://bugzilla.suse.com/789988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2012-5514"
},
{
"cve": "CVE-2012-5515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5515"
}
],
"notes": [
{
"category": "general",
"text": "The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5515",
"url": "https://www.suse.com/security/cve/CVE-2012-5515"
},
{
"category": "external",
"summary": "SUSE Bug 789950 for CVE-2012-5515",
"url": "https://bugzilla.suse.com/789950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2012-5515"
},
{
"cve": "CVE-2013-3495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-3495"
}
],
"notes": [
{
"category": "general",
"text": "The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-3495",
"url": "https://www.suse.com/security/cve/CVE-2013-3495"
},
{
"category": "external",
"summary": "SUSE Bug 826717 for CVE-2013-3495",
"url": "https://bugzilla.suse.com/826717"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2013-3495",
"url": "https://bugzilla.suse.com/903970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2013-3495"
},
{
"cve": "CVE-2014-4021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-4021"
}
],
"notes": [
{
"category": "general",
"text": "Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-4021",
"url": "https://www.suse.com/security/cve/CVE-2014-4021"
},
{
"category": "external",
"summary": "SUSE Bug 880751 for CVE-2014-4021",
"url": "https://bugzilla.suse.com/880751"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-4021",
"url": "https://bugzilla.suse.com/903970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "low"
}
],
"title": "CVE-2014-4021"
},
{
"cve": "CVE-2014-7154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7154"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7154",
"url": "https://www.suse.com/security/cve/CVE-2014-7154"
},
{
"category": "external",
"summary": "SUSE Bug 880751 for CVE-2014-7154",
"url": "https://bugzilla.suse.com/880751"
},
{
"category": "external",
"summary": "SUSE Bug 895798 for CVE-2014-7154",
"url": "https://bugzilla.suse.com/895798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2014-7154"
},
{
"cve": "CVE-2014-7155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7155"
}
],
"notes": [
{
"category": "general",
"text": "The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7155",
"url": "https://www.suse.com/security/cve/CVE-2014-7155"
},
{
"category": "external",
"summary": "SUSE Bug 880751 for CVE-2014-7155",
"url": "https://bugzilla.suse.com/880751"
},
{
"category": "external",
"summary": "SUSE Bug 895799 for CVE-2014-7155",
"url": "https://bugzilla.suse.com/895799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2014-7155"
},
{
"cve": "CVE-2014-7156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7156"
}
],
"notes": [
{
"category": "general",
"text": "The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7156",
"url": "https://www.suse.com/security/cve/CVE-2014-7156"
},
{
"category": "external",
"summary": "SUSE Bug 880751 for CVE-2014-7156",
"url": "https://bugzilla.suse.com/880751"
},
{
"category": "external",
"summary": "SUSE Bug 895802 for CVE-2014-7156",
"url": "https://bugzilla.suse.com/895802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "low"
}
],
"title": "CVE-2014-7156"
},
{
"cve": "CVE-2014-8594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8594"
}
],
"notes": [
{
"category": "general",
"text": "The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8594",
"url": "https://www.suse.com/security/cve/CVE-2014-8594"
},
{
"category": "external",
"summary": "SUSE Bug 903967 for CVE-2014-8594",
"url": "https://bugzilla.suse.com/903967"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-8594",
"url": "https://bugzilla.suse.com/903970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2014-8594"
},
{
"cve": "CVE-2014-8595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8595"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8595",
"url": "https://www.suse.com/security/cve/CVE-2014-8595"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-8595",
"url": "https://bugzilla.suse.com/903970"
},
{
"category": "external",
"summary": "SUSE Bug 907649 for CVE-2014-8595",
"url": "https://bugzilla.suse.com/907649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "low"
}
],
"title": "CVE-2014-8595"
},
{
"cve": "CVE-2014-8866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8866"
}
],
"notes": [
{
"category": "general",
"text": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8866",
"url": "https://www.suse.com/security/cve/CVE-2014-8866"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-8866",
"url": "https://bugzilla.suse.com/903970"
},
{
"category": "external",
"summary": "SUSE Bug 905465 for CVE-2014-8866",
"url": "https://bugzilla.suse.com/905465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2014-8866"
},
{
"cve": "CVE-2014-8867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8867"
}
],
"notes": [
{
"category": "general",
"text": "The acceleration support for the \"REP MOVS\" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8867",
"url": "https://www.suse.com/security/cve/CVE-2014-8867"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-8867",
"url": "https://bugzilla.suse.com/903970"
},
{
"category": "external",
"summary": "SUSE Bug 905467 for CVE-2014-8867",
"url": "https://bugzilla.suse.com/905467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2014-8867"
},
{
"cve": "CVE-2014-9030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9030"
}
],
"notes": [
{
"category": "general",
"text": "The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9030",
"url": "https://www.suse.com/security/cve/CVE-2014-9030"
},
{
"category": "external",
"summary": "SUSE Bug 903970 for CVE-2014-9030",
"url": "https://bugzilla.suse.com/903970"
},
{
"category": "external",
"summary": "SUSE Bug 906439 for CVE-2014-9030",
"url": "https://bugzilla.suse.com/906439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "important"
}
],
"title": "CVE-2014-9030"
},
{
"cve": "CVE-2015-3340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3340"
}
],
"notes": [
{
"category": "general",
"text": "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3340",
"url": "https://www.suse.com/security/cve/CVE-2015-3340"
},
{
"category": "external",
"summary": "SUSE Bug 927967 for CVE-2015-3340",
"url": "https://bugzilla.suse.com/927967"
},
{
"category": "external",
"summary": "SUSE Bug 929339 for CVE-2015-3340",
"url": "https://bugzilla.suse.com/929339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "low"
}
],
"title": "CVE-2015-3340"
},
{
"cve": "CVE-2015-3456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3456"
}
],
"notes": [
{
"category": "general",
"text": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3456",
"url": "https://www.suse.com/security/cve/CVE-2015-3456"
},
{
"category": "external",
"summary": "SUSE Bug 929339 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/929339"
},
{
"category": "external",
"summary": "SUSE Bug 932770 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/932770"
},
{
"category": "external",
"summary": "SUSE Bug 935900 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/935900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-html-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-doc-pdf-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-default-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.21.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-kmp-trace-4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-libs-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-4.0.3_21548_12-0.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:xen-tools-domU-4.0.3_21548_12-0.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2012-11-22T17:59:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-3456"
}
]
}
GSD-2014-8866
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-8866",
"description": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.",
"id": "GSD-2014-8866",
"references": [
"https://www.suse.com/security/cve/CVE-2014-8866.html",
"https://www.debian.org/security/2015/dsa-3140",
"https://linux.oracle.com/cve/CVE-2014-8866.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-8866"
],
"details": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.",
"id": "GSD-2014-8866",
"modified": "2023-12-13T01:22:49.656762Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201504-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"name": "62672",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62672"
},
{
"name": "http://support.citrix.com/article/CTX201794",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201794"
},
{
"name": "http://support.citrix.com/article/CTX200288",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX200288"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-111.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"name": "DSA-3140",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"name": "openSUSE-SU-2015:0226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"name": "openSUSE-SU-2015:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"name": "71332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71332"
},
{
"name": "59937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59937"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8866"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-111.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"name": "71332",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71332"
},
{
"name": "59937",
"refsource": "SECUNIA",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59937"
},
{
"name": "62672",
"refsource": "SECUNIA",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62672"
},
{
"name": "DSA-3140",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"name": "openSUSE-SU-2015:0256",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0226",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"name": "http://support.citrix.com/article/CTX201794",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201794"
},
{
"name": "GLSA-201504-04",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"name": "http://support.citrix.com/article/CTX200288",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.citrix.com/article/CTX200288"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:27Z",
"publishedDate": "2014-12-01T15:59Z"
}
}
}
FKIE_CVE-2014-8866
Vulnerability from fkie_nvd - Published: 2014-12-01 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| xen | xen | 3.3.0 | |
| xen | xen | 3.3.1 | |
| xen | xen | 3.3.2 | |
| xen | xen | 3.4.0 | |
| xen | xen | 3.4.1 | |
| xen | xen | 3.4.2 | |
| xen | xen | 3.4.3 | |
| xen | xen | 3.4.4 | |
| xen | xen | 4.0.0 | |
| xen | xen | 4.0.1 | |
| xen | xen | 4.0.2 | |
| xen | xen | 4.0.3 | |
| xen | xen | 4.0.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| xen | xen | 4.1.2 | |
| xen | xen | 4.1.3 | |
| xen | xen | 4.1.4 | |
| xen | xen | 4.1.5 | |
| xen | xen | 4.1.6.1 | |
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB157D09-B91B-486A-A9F7-C9BA75AE8823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95119D-EAF1-48D4-AE7C-0C4927D06CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40E4E4-3FCB-4980-8DD2-49DDABCB398E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D1B7E-C30F-430F-832D-2A405DA1F2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C1D0AD-B804-474C-96A3-988BADA0DAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCD1F05-9F96-40DD-B506-750E87306325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "60BADA43-94D5-4E80-B5C8-D01A0249F13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "219597E2-E2D7-4647-8A7C-688B96300158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65E55950-EACA-4209-B2A1-E09026FC6006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CF23B21B-594A-42E2-AF90-D5C4246B39A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode."
},
{
"lang": "es",
"value": "La traducci\u00f3n del argumento de hiperllamadas del modo de compatibilidad en Xen 3.3.x hasta 4.4.x, cuando funciona en un hipervisor de 64 bits, permite a invitados locales de HVM de 32 bits causar una denegaci\u00f3n de servicio (ca\u00edda del anfitri\u00f3n) a trav\u00e9s de vectores que involucran la alteraci\u00f3n de las mitades altas de registros mientras en el modo de 64 bits."
}
],
"id": "CVE-2014-8866",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-01T15:59:08.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59937"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62672"
},
{
"source": "cve@mitre.org",
"url": "http://support.citrix.com/article/CTX200288"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201794"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71332"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX200288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-111.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201504-04"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…