SUSE-SU-2014:1710-1: moderate: Security update for xen

sle-security-updates at sle-security-updates at
Wed Dec 24 11:04:58 MST 2014

   SUSE Security Update: Security update for xen

Announcement ID:    SUSE-SU-2014:1710-1
Rating:             moderate
References:         #826717 #867910 #875668 #880751 #895798 #895799 
                    #895802 #897657 #901317 #903850 #903967 #903970 
                    #905465 #905467 #906439 
Cross-References:   CVE-2013-3495 CVE-2014-2599 CVE-2014-3124
                    CVE-2014-4021 CVE-2014-7154 CVE-2014-7155
                    CVE-2014-7156 CVE-2014-7188 CVE-2014-8594
                    CVE-2014-8595 CVE-2014-8866 CVE-2014-8867
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 LTSS

   An update that solves 13 vulnerabilities and has two fixes
   is now available.


   xen was updated to fix 14 security issues:

       * Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
       * Insufficient bounding of "REP MOVS" to MMIO emulated inside the
         hypervisor (CVE-2014-8867).
       * Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW
         emulation (CVE-2014-7155).
       * Hypervisor heap contents leaked to guests (CVE-2014-4021).
       * Missing privilege level checks in x86 emulation of far branches
       * Insufficient restrictions on certain MMU update hypercalls
       * Intel VT-d Interrupt Remapping engines can be evaded by native NMI
         interrupts (CVE-2013-3495).
       * Missing privilege level checks in x86 emulation of software
         interrupts (CVE-2014-7156).
       * Race condition in HVMOP_track_dirty_vram (CVE-2014-7154).
       * Improper MSR range used for x2APIC emulation (CVE-2014-7188).
       * HVMOP_set_mem_type allows invalid P2M entries to be created
       * HVMOP_set_mem_access is not preemptible (CVE-2014-2599).
       * Excessive checking in compatibility mode hypercall argument
         translation (CVE-2014-8866).
       * Guest user mode triggerable VM exits not handled by hypervisor

   This non-security bug was fixed:

       * Increase limit domUloader to 32MB (bnc#901317).

   Security Issues:

       * CVE-2014-9030
       * CVE-2014-8867
       * CVE-2014-7155
       * CVE-2014-4021
       * CVE-2014-8595
       * CVE-2014-8594
       * CVE-2013-3495
       * CVE-2014-7156
       * CVE-2014-7154
       * CVE-2014-7188
       * CVE-2014-3124
       * CVE-2014-2599
       * CVE-2014-8866

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 LTSS:

      zypper in -t patch slessp2-xen-11sp2-20141204-10081

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 x86_64):


   - SUSE Linux Enterprise Server 11 SP2 LTSS (x86_64):


   - SUSE Linux Enterprise Server 11 SP2 LTSS (i586):



More information about the sle-security-updates mailing list