SUSE-SU-2013:0599-1: moderate: Security update for Xen
sle-security-updates at lists.suse.com
Wed Apr 3 09:04:35 MDT 2013
SUSE Security Update: Security update for Xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:0599-1
Rating: moderate
References: #793927 #794316 #797014 #797031 #797523 #798188
#799694 #800156 #800275 #802690 #805094 #806736
Cross-References: CVE-2012-5634 CVE-2012-6075 CVE-2013-0153
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________
An update that solves three vulnerabilities and has 9 fixes
is now available.
Description:
XEN has been updated to fix various bugs and security
issues:
* CVE-2013-0153: (XSA 36) To avoid an erratum in early
  hardware, the Xen AMD IOMMU code by default chose to use a
  single interrupt remapping table for the whole system. This
  sharing implied that any guest with a passed-through PCI
  device that is bus-mastering capable can inject interrupts
  into other guests, including domain 0. This has been
  disabled for AMD chipsets not capable of it.
* CVE-2012-6075: qemu: The e1000 had overflows under
  some conditions, potentially corrupting memory.
* CVE-2013-0154: (XSA 37) Hypervisor crash due to
  incorrect ASSERT (debug build only)
* CVE-2012-5634: (XSA-33) A VT-d interrupt remapping
  source validation flaw was fixed.
Also the following bugs have been fixed:
* bnc#805094 - xen hot plug attach/detach fails
* bnc#802690 - domain locking can prevent a live
  migration from completing
* bnc#797014 - no way to control live migrations
  o fix logic error in stdiostream_progress
  o restore logging in xc_save
  o add options to control migration tunables
* bnc#806736: enabling xentrace crashes hypervisor
* Upstream patches from Jan
  26287-sched-credit-pick-idle.patch
  26501-VMX-simplify-CR0-update.patch
  26502-VMX-disable-SMEP-when-not-paging.patch
  26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch)
  26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch)
  26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch)
  26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch)
  26526-pvdrv-no-devinit.patch
  26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch)
* bnc#798188 - Add $network to xend initscript
  dependencies
* bnc#799694 - Unable to dvd or cdrom-boot DomU after
  xen-tools update
  Fixed with update to Xen version 4.1.4
* bnc#800156 - L3: HP iLo Generate NMI function not
  working in XEN kernel
* Upstream patches from Jan
  26404-x86-forward-both-NMI-kinds.patch
  26427-x86-AMD-enable-WC+.patch
* bnc#793927 - Xen VMs with more than 2 disks randomly
  fail to start
* Upstream patches from Jan
  26332-x86-compat-show-guest-stack-mfn.patch
  26333-x86-get_page_type-assert.patch (Replaces CVE-2013-0154-xsa37.patch)
  26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch)
  26370-libxc-x86-initial-mapping-fit.patch
* Update to Xen 4.1.4 c/s 23432
* Update xenpaging.guest-memusage.patch add rule for
  xenmem to avoid spurious build failures
* Upstream patches from Jan
  26179-PCI-find-next-cap.patch
  26183-x86-HPET-masking.patch
  26188-x86-time-scale-asm.patch
  26200-IOMMU-debug-verbose.patch
  26203-x86-HAP-dirty-vram-leak.patch
  26229-gnttab-version-switch.patch (Replaces CVE-2012-5510-xsa26.patch)
  26230-x86-HVM-limit-batches.patch (Replaces CVE-2012-5511-xsa27.patch)
  26231-memory-exchange-checks.patch (Replaces CVE-2012-5513-xsa29.patch)
  26232-x86-mark-PoD-error-path.patch (Replaces CVE-2012-5514-xsa30.patch)
  26233-memop-order-checks.patch (Replaces CVE-2012-5515-xsa31.patch)
  26235-IOMMU-ATS-max-queue-depth.patch
  26272-x86-EFI-makefile-cflags-filter.patch
  26294-x86-AMD-Fam15-way-access-filter.patch
  CVE-2013-0154-xsa37.patch
* Restore c/s 25751 in 23614-x86_64-EFI-boot.patch.
  Modify the EFI Makefile to do additional filtering.
Security Issue references:
* CVE-2013-0153
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0153>
* CVE-2012-6075
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075>
* CVE-2012-5634
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5634>
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp2-xen-7492
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-xen-7492
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-xen-7492
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-xen-7492
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64):
xen-devel-4.1.4_02-0.5.1
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):
xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64):
xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1
xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1
xen-libs-4.1.4_02-0.5.1
xen-tools-domU-4.1.4_02-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (x86_64):
xen-4.1.4_02-0.5.1
xen-doc-html-4.1.4_02-0.5.1
xen-doc-pdf-4.1.4_02-0.5.1
xen-libs-32bit-4.1.4_02-0.5.1
xen-tools-4.1.4_02-0.5.1
- SUSE Linux Enterprise Server 11 SP2 (i586):
xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
xen-kmp-default-4.1.4_02_3.0.58_0.6.6-0.5.1
xen-kmp-trace-4.1.4_02_3.0.58_0.6.6-0.5.1
xen-libs-4.1.4_02-0.5.1
xen-tools-domU-4.1.4_02-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
xen-4.1.4_02-0.5.1
xen-doc-html-4.1.4_02-0.5.1
xen-doc-pdf-4.1.4_02-0.5.1
xen-libs-32bit-4.1.4_02-0.5.1
xen-tools-4.1.4_02-0.5.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586):
xen-kmp-pae-4.1.4_02_3.0.58_0.6.6-0.5.1
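To confirm a host is at the fixed level, the installed Xen packages can be compared against the builds in the package list above. The Python check below is an added example, not part of the SUSE advisory: it reads lines as printed by rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'xen*' and reports packages older than the fixed build. The names FIXED, rpmvercmp, evr_cmp and outdated are hypothetical, the sample listing is constructed, and the comparison is a simplified rpm ordering (no epoch, '~' or '^' handling).

```python
import re

# Fixed builds, copied from the advisory's package list.
FIXED = {n: "4.1.4_02-0.5.1" for n in (
    "xen", "xen-devel", "xen-libs", "xen-libs-32bit", "xen-tools",
    "xen-tools-domU", "xen-doc-html", "xen-doc-pdf")}
FIXED.update({n: "4.1.4_02_3.0.58_0.6.6-0.5.1" for n in (
    "xen-kmp-default", "xen-kmp-trace", "xen-kmp-pae")})

def _segments(s):
    # rpm splits on non-alphanumeric characters and on digit/letter boundaries.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Return -1, 0 or 1 (simplified rpm ordering: no epoch, '~' or '^')."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)             # leading zeros are ignored
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    # Compare the version part first, then the release part.
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def outdated(listing):
    """Return (name, installed, fixed) for packages older than the fixed build."""
    found = []
    for line in listing.strip().splitlines():
        name, evr = line.split()
        fixed = FIXED.get(name)
        if fixed and evr_cmp(evr, fixed) < 0:
            found.append((name, evr, fixed))
    return found

# Constructed sample input; the pre-update version strings are made up.
SAMPLE = """
xen 4.1.3_06-0.7.1
xen-libs 4.1.4_02-0.5.1
xen-tools 4.1.4_02-0.5.1
xen-kmp-default 4.1.3_06_3.0.51_0.7.9-0.7.1
kernel-default 3.0.58-0.6.6.1
"""

if __name__ == "__main__":
    for name, have, need in outdated(SAMPLE):
        print(f"{name}: installed {have}, fixed in {need}")
```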
References:
http://support.novell.com/security/cve/CVE-2012-5634.html
http://support.novell.com/security/cve/CVE-2012-6075.html
http://support.novell.com/security/cve/CVE-2013-0153.html
https://bugzilla.novell.com/793927
https://bugzilla.novell.com/794316
https://bugzilla.novell.com/797014
https://bugzilla.novell.com/797031
https://bugzilla.novell.com/797523
https://bugzilla.novell.com/798188
https://bugzilla.novell.com/799694
https://bugzilla.novell.com/800156
https://bugzilla.novell.com/800275
https://bugzilla.novell.com/802690
https://bugzilla.novell.com/805094
https://bugzilla.novell.com/806736
http://download.novell.com/patch/finder/?keywords=6ce1ad48227bea66786cefd7aba4662f