[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2015:1853-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":142,"epss":9,"epss_history":143,"metrics":144,"affected":145},"SUSE-SU-2015:1853-1","Security update for xen\n\nxen was updated to fix nine security issues.\n\nThese security issues were fixed:\n- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).\n- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).\n- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).\n- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).\n- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).\n- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).\n- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).\n- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).\n- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).\n\nThese non-security issues were fixed:\n- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed\n- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC\n- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed\n- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed\n- bsc#941074: Device 51728 could not be connected. Hotplug scripts not working\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2014-0222",{"_key":17},"CVE-2015-4037",{"_key":19},"CVE-2015-5239",{"_key":21},"CVE-2015-6815",{"_key":23},"CVE-2015-7311",{"_key":25},"CVE-2015-7835",{"_key":27},"CVE-2015-7969",{"_key":29},"CVE-2015-7971",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2015-10-29T16:37:05Z","2026-02-04T02:39:12.647981Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,97,101,105,109,114,118,122,126,130,134,138],{"url":47,"sources":48,"tags":50},"https://www.suse.com/support/update/announcement/2015/suse-su-20151853-1/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/877642",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/907514",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/910258",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/918984",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/923967",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/932267",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/941074",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/944463",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/944697",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/947165",[49],[56],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/950367",[49],[56],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/950703",[49],[56],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/950705",[49],[56],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/950706",[49],[56],{"url":110,"sources":111,"tags":112},"https://www.suse.com/security/cve/CVE-2014-0222",[49],[113],"WEB",{"url":115,"sources":116,"tags":117},"https://www.suse.com/security/cve/CVE-2015-4037",[49],[113],{"url":119,"sources":120,"tags":121},"https://www.suse.com/security/cve/CVE-2015-5239",[49],[113],{"url":123,"sources":124,"tags":125},"https://www.suse.com/security/cve/CVE-2015-6815",[49],[113],{"url":127,"sources":128,"tags":129},"https://www.suse.com/security/cve/CVE-2015-7311",[49],[113],{"url":131,"sources":132,"tags":133},"https://www.suse.com/security/cve/CVE-2015-7835",[49],[113],{"url":135,"sources":136,"tags":137},"https://www.suse.com/security/cve/CVE-2015-7969",[49],[113],{"url":139,"sources":140,"tags":141},"https://www.suse.com/security/cve/CVE-2015-7971",[49],[113],[],[],[],[146,159,163,167,171],{"ecosystem":147,"name":148,"vendor":149,"product":150,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":150,"source":9,"versions":152},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Desktop 11 SP3","rpm",[153],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9},"lt4_2_5_14_18_2",true,"ecosystem","4.2.5_14-18.2","excluding",{"ecosystem":147,"name":148,"vendor":149,"product":160,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":160,"source":9,"versions":161},"xen&distro=SUSE Linux Enterprise Server 11 SP3",[162],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9},{"ecosystem":147,"name":148,"vendor":149,"product":164,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":164,"source":9,"versions":165},"xen&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA",[166],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9},{"ecosystem":147,"name":148,"vendor":149,"product":168,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":168,"source":9,"versions":169},"xen&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP3",[170],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9},{"ecosystem":147,"name":148,"vendor":149,"product":172,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":172,"source":9,"versions":173},"xen&distro=SUSE Linux Enterprise Software Development Kit 11 SP3",[174],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9}]