suse-su-2015:1894-1
Vulnerability from csaf_suse
Published
2015-10-29 16:40
Modified
2015-10-29 16:40
Summary
Security update for xen
Notes
Title of the patch
Security update for xen
Description of the patch
xen was updated to version 4.4.3 to fix nine security issues.
These security issues were fixed:
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).
- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).
- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).
- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).
- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).
These non-security issues were fixed:
- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed
- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC
- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed
- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed
- bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores
- bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors
- bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort
- bsc#949549: xm create hangs when maxmen value is enclosed in quotes
Patchnames
sdksp4-xen-12184,sledsp4-xen-12184,slessp4-xen-12184
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "xen was updated to version 4.4.3 to fix nine security issues.\n\nThese security issues were fixed:\n- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).\n- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).\n- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).\n- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).\n- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).\n- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).\n- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).\n- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).\n- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).\n\nThese non-security issues were fixed:\n- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed\n- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC\n- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed\n- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed\n- bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores\n- bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors\n- bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort\n- bsc#949549: xm create hangs when maxmen value is enclosed in quotes\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-xen-12184,sledsp4-xen-12184,slessp4-xen-12184",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1894-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1894-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151894-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1894-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-November/001665.html"
},
{
"category": "self",
"summary": "SUSE Bug 877642",
"url": "https://bugzilla.suse.com/877642"
},
{
"category": "self",
"summary": "SUSE Bug 901488",
"url": "https://bugzilla.suse.com/901488"
},
{
"category": "self",
"summary": "SUSE Bug 907514",
"url": "https://bugzilla.suse.com/907514"
},
{
"category": "self",
"summary": "SUSE Bug 910258",
"url": "https://bugzilla.suse.com/910258"
},
{
"category": "self",
"summary": "SUSE Bug 918984",
"url": "https://bugzilla.suse.com/918984"
},
{
"category": "self",
"summary": "SUSE Bug 923967",
"url": "https://bugzilla.suse.com/923967"
},
{
"category": "self",
"summary": "SUSE Bug 932267",
"url": "https://bugzilla.suse.com/932267"
},
{
"category": "self",
"summary": "SUSE Bug 944463",
"url": "https://bugzilla.suse.com/944463"
},
{
"category": "self",
"summary": "SUSE Bug 944697",
"url": "https://bugzilla.suse.com/944697"
},
{
"category": "self",
"summary": "SUSE Bug 945167",
"url": "https://bugzilla.suse.com/945167"
},
{
"category": "self",
"summary": "SUSE Bug 947165",
"url": "https://bugzilla.suse.com/947165"
},
{
"category": "self",
"summary": "SUSE Bug 949138",
"url": "https://bugzilla.suse.com/949138"
},
{
"category": "self",
"summary": "SUSE Bug 949549",
"url": "https://bugzilla.suse.com/949549"
},
{
"category": "self",
"summary": "SUSE Bug 950367",
"url": "https://bugzilla.suse.com/950367"
},
{
"category": "self",
"summary": "SUSE Bug 950703",
"url": "https://bugzilla.suse.com/950703"
},
{
"category": "self",
"summary": "SUSE Bug 950705",
"url": "https://bugzilla.suse.com/950705"
},
{
"category": "self",
"summary": "SUSE Bug 950706",
"url": "https://bugzilla.suse.com/950706"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0222 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4037 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5239 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-6815 page",
"url": "https://www.suse.com/security/cve/CVE-2015-6815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7311 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7835 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7969 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7971 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7971/"
}
],
"title": "Security update for xen",
"tracking": {
"current_release_date": "2015-10-29T16:40:59Z",
"generator": {
"date": "2015-10-29T16:40:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1894-1",
"initial_release_date": "2015-10-29T16:40:59Z",
"revision_history": [
{
"date": "2015-10-29T16:40:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-devel-4.4.3_02-26.2.i586",
"product": {
"name": "xen-devel-4.4.3_02-26.2.i586",
"product_id": "xen-devel-4.4.3_02-26.2.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"product": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"product_id": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"product": {
"name": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"product_id": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586"
}
},
{
"category": "product_version",
"name": "xen-libs-4.4.3_02-26.2.i586",
"product": {
"name": "xen-libs-4.4.3_02-26.2.i586",
"product_id": "xen-libs-4.4.3_02-26.2.i586"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.4.3_02-26.2.i586",
"product": {
"name": "xen-tools-domU-4.4.3_02-26.2.i586",
"product_id": "xen-tools-domU-4.4.3_02-26.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-devel-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-devel-4.4.3_02-26.2.x86_64",
"product_id": "xen-devel-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-4.4.3_02-26.2.x86_64",
"product_id": "xen-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-doc-html-4.4.3_02-26.2.x86_64",
"product_id": "xen-doc-html-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"product": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"product_id": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-libs-4.4.3_02-26.2.x86_64",
"product_id": "xen-libs-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-32bit-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-libs-32bit-4.4.3_02-26.2.x86_64",
"product_id": "xen-libs-32bit-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-tools-4.4.3_02-26.2.x86_64",
"product_id": "xen-tools-4.4.3_02-26.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.4.3_02-26.2.x86_64",
"product": {
"name": "xen-tools-domU-4.4.3_02-26.2.x86_64",
"product_id": "xen-tools-domU-4.4.3_02-26.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586"
},
"product_reference": "xen-devel-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-devel-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-doc-html-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586"
},
"product_reference": "xen-libs-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-doc-html-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586"
},
"product_reference": "xen-libs-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-doc-html-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64"
},
"product_reference": "xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586"
},
"product_reference": "xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586"
},
"product_reference": "xen-libs-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.3_02-26.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64"
},
"product_reference": "xen-tools-domU-4.4.3_02-26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0222"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0222",
"url": "https://www.suse.com/security/cve/CVE-2014-0222"
},
{
"category": "external",
"summary": "SUSE Bug 1072223 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/1072223"
},
{
"category": "external",
"summary": "SUSE Bug 877642 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/877642"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/950367"
},
{
"category": "external",
"summary": "SUSE Bug 964925 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/964925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "moderate"
}
],
"title": "CVE-2014-0222"
},
{
"cve": "CVE-2015-4037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4037"
}
],
"notes": [
{
"category": "general",
"text": "The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4037",
"url": "https://www.suse.com/security/cve/CVE-2015-4037"
},
{
"category": "external",
"summary": "SUSE Bug 932267 for CVE-2015-4037",
"url": "https://bugzilla.suse.com/932267"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2015-4037",
"url": "https://bugzilla.suse.com/950367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "low"
}
],
"title": "CVE-2015-4037"
},
{
"cve": "CVE-2015-5239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5239"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5239",
"url": "https://www.suse.com/security/cve/CVE-2015-5239"
},
{
"category": "external",
"summary": "SUSE Bug 944463 for CVE-2015-5239",
"url": "https://bugzilla.suse.com/944463"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2015-5239",
"url": "https://bugzilla.suse.com/950367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "moderate"
}
],
"title": "CVE-2015-5239"
},
{
"cve": "CVE-2015-6815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-6815"
}
],
"notes": [
{
"category": "general",
"text": "The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-6815",
"url": "https://www.suse.com/security/cve/CVE-2015-6815"
},
{
"category": "external",
"summary": "SUSE Bug 944697 for CVE-2015-6815",
"url": "https://bugzilla.suse.com/944697"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2015-6815",
"url": "https://bugzilla.suse.com/950367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "low"
}
],
"title": "CVE-2015-6815"
},
{
"cve": "CVE-2015-7311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7311"
}
],
"notes": [
{
"category": "general",
"text": "libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7311",
"url": "https://www.suse.com/security/cve/CVE-2015-7311"
},
{
"category": "external",
"summary": "SUSE Bug 947165 for CVE-2015-7311",
"url": "https://bugzilla.suse.com/947165"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2015-7311",
"url": "https://bugzilla.suse.com/950367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "low"
}
],
"title": "CVE-2015-7311"
},
{
"cve": "CVE-2015-7835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7835"
}
],
"notes": [
{
"category": "general",
"text": "The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7835",
"url": "https://www.suse.com/security/cve/CVE-2015-7835"
},
{
"category": "external",
"summary": "SUSE Bug 940929 for CVE-2015-7835",
"url": "https://bugzilla.suse.com/940929"
},
{
"category": "external",
"summary": "SUSE Bug 947159 for CVE-2015-7835",
"url": "https://bugzilla.suse.com/947159"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2015-7835",
"url": "https://bugzilla.suse.com/950367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "important"
}
],
"title": "CVE-2015-7835"
},
{
"cve": "CVE-2015-7969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7969"
}
],
"notes": [
{
"category": "general",
"text": "Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of \"teardowns\" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7969",
"url": "https://www.suse.com/security/cve/CVE-2015-7969"
},
{
"category": "external",
"summary": "SUSE Bug 950703 for CVE-2015-7969",
"url": "https://bugzilla.suse.com/950703"
},
{
"category": "external",
"summary": "SUSE Bug 950705 for CVE-2015-7969",
"url": "https://bugzilla.suse.com/950705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "moderate"
}
],
"title": "CVE-2015-7969"
},
{
"cve": "CVE-2015-7971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7971"
}
],
"notes": [
{
"category": "general",
"text": "Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7971",
"url": "https://www.suse.com/security/cve/CVE-2015-7971"
},
{
"category": "external",
"summary": "SUSE Bug 950706 for CVE-2015-7971",
"url": "https://bugzilla.suse.com/950706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Desktop 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-doc-html-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-default-4.4.3_02_3.0.101_65-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-kmp-pae-4.4.3_02_3.0.101_65-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-32bit-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-libs-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:xen-tools-domU-4.4.3_02-26.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel-4.4.3_02-26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-29T16:40:59Z",
"details": "low"
}
],
"title": "CVE-2015-7971"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…