SUSE-SU-2017:2420-1
Vulnerability Summary
Timeline
Description
Security update for xen This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen (XSA-231, bsc#1056278) - CVE-2017-14318: The function __gnttab_cache_flush missed a check for grant tables, allowing a malicious guest to crash the host or for x86 PV guests to potentially escalate privileges (XSA-232, bsc#1056280) - CVE-2017-14317: A race in cxenstored may have cause a double-free allowind for DoS of the xenstored daemon (XSA-233, bsc#1056281). - CVE-2017-14319: An error while handling grant mappings allowed malicious or buggy x86 PV guest to escalate its privileges or crash the hypervisor (XSA-234, bsc#1056282). These non-security issues were fixed: - bsc#1057358: Fixed boot into SUSE Linux Enterprise 12.3 with secure boot - bsc#1055695: Fixed restoring updates for HVM guests for ballooned domUs
Affected Systems
- suse•xen&distro=SUSE Linux Enterprise Desktop 12 SP3
< 4.9.0_12-3.15.1
- suse•xen&distro=SUSE Linux Enterprise Server 12 SP3
< 4.9.0_12-3.15.1
- suse•xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 4.9.0_12-3.15.1
- suse•xen&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
< 4.9.0_12-3.15.1
References (12)
- https://www.suse.com/support/update/announcement/2017/suse-su-20172420-1/
- https://bugzilla.suse.com/1027519
- https://bugzilla.suse.com/1055695
- https://bugzilla.suse.com/1056278
- https://bugzilla.suse.com/1056280
- https://bugzilla.suse.com/1056281
- https://bugzilla.suse.com/1056282
- https://bugzilla.suse.com/1057358
- https://www.suse.com/security/cve/CVE-2017-14316
- https://www.suse.com/security/cve/CVE-2017-14317
- https://www.suse.com/security/cve/CVE-2017-14318
- https://www.suse.com/security/cve/CVE-2017-14319