[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2015:1894-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":154,"epss":9,"epss_history":155,"metrics":156,"affected":157},"SUSE-SU-2015:1894-1","Security update for xen\n\nxen was updated to version 4.4.3 to fix nine security issues.\n\nThese security issues were fixed:\n- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).\n- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).\n- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).\n- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).\n- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).\n- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).\n- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).\n- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).\n- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).\n\nThese non-security issues were fixed:\n- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed\n- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC\n- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed\n- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed\n- bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores\n- bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors\n- bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort\n- bsc#949549: xm create hangs when maxmen value is enclosed in quotes\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2014-0222",{"_key":17},"CVE-2015-4037",{"_key":19},"CVE-2015-5239",{"_key":21},"CVE-2015-6815",{"_key":23},"CVE-2015-7311",{"_key":25},"CVE-2015-7835",{"_key":27},"CVE-2015-7969",{"_key":29},"CVE-2015-7971",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2015-10-29T16:40:59Z","2026-02-04T03:28:52.772511Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,97,101,105,109,113,117,121,126,130,134,138,142,146,150],{"url":47,"sources":48,"tags":50},"https://www.suse.com/support/update/announcement/2015/suse-su-20151894-1/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/877642",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/901488",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/907514",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/910258",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/918984",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/923967",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/932267",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/944463",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/944697",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/945167",[49],[56],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/947165",[49],[56],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/949138",[49],[56],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/949549",[49],[56],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/950367",[49],[56],{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/950703",[49],[56],{"url":114,"sources":115,"tags":116},"https://bugzilla.suse.com/950705",[49],[56],{"url":118,"sources":119,"tags":120},"https://bugzilla.suse.com/950706",[49],[56],{"url":122,"sources":123,"tags":124},"https://www.suse.com/security/cve/CVE-2014-0222",[49],[125],"WEB",{"url":127,"sources":128,"tags":129},"https://www.suse.com/security/cve/CVE-2015-4037",[49],[125],{"url":131,"sources":132,"tags":133},"https://www.suse.com/security/cve/CVE-2015-5239",[49],[125],{"url":135,"sources":136,"tags":137},"https://www.suse.com/security/cve/CVE-2015-6815",[49],[125],{"url":139,"sources":140,"tags":141},"https://www.suse.com/security/cve/CVE-2015-7311",[49],[125],{"url":143,"sources":144,"tags":145},"https://www.suse.com/security/cve/CVE-2015-7835",[49],[125],{"url":147,"sources":148,"tags":149},"https://www.suse.com/security/cve/CVE-2015-7969",[49],[125],{"url":151,"sources":152,"tags":153},"https://www.suse.com/security/cve/CVE-2015-7971",[49],[125],[],[],[],[158,171,175,179],{"ecosystem":159,"name":160,"vendor":161,"product":162,"cpe_part":9,"purl_type":163,"purl_namespace":161,"purl_name":162,"source":9,"versions":164},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Desktop 11 SP4","rpm",[165],{"version":166,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":169,"version_end_type":170,"fixed_in":9},"lt4_4_3_02_26_2",true,"ecosystem","4.4.3_02-26.2","excluding",{"ecosystem":159,"name":160,"vendor":161,"product":172,"cpe_part":9,"purl_type":163,"purl_namespace":161,"purl_name":172,"source":9,"versions":173},"xen&distro=SUSE Linux Enterprise Server 11 SP4",[174],{"version":166,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":169,"version_end_type":170,"fixed_in":9},{"ecosystem":159,"name":160,"vendor":161,"product":176,"cpe_part":9,"purl_type":163,"purl_namespace":161,"purl_name":176,"source":9,"versions":177},"xen&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4",[178],{"version":166,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":169,"version_end_type":170,"fixed_in":9},{"ecosystem":159,"name":160,"vendor":161,"product":180,"cpe_part":9,"purl_type":163,"purl_namespace":161,"purl_name":180,"source":9,"versions":181},"xen&distro=SUSE Linux Enterprise Software Development Kit 11 SP4",[182],{"version":166,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":169,"version_end_type":170,"fixed_in":9}]