SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2012:1503-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.4.2012.1503.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2012:1503-1)
Summary:	The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2012:1503-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2012:1503-1 advisory. Vulnerability Insight: libvirt received security and bugfixes: * CVE-2012-4423: Fixed a libvirt remote denial of service (crash) problem. The following bugs have been fixed: * qemu: Fix probing for guest capabilities * xen-xm: Generate UUID if not specified * xenParseXM: don't dereference NULL pointer when script is empty Security Issue references: * CVE-2012-4539 > * CVE-2012-3497 > * CVE-2012-4411 > * CVE-2012-4535 > * CVE-2012-4537 > * CVE-2012-4536 > * CVE-2012-4538 > * CVE-2012-4539 > * CVE-2012-4544 > Affected Software/OS: 'libvirt' package(s) on SUSE Linux Enterprise Desktop 11-SP2, SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Software Development Kit 11-SP2. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3497 1027482 http://www.securitytracker.com/id?1027482 50472 http://secunia.com/advisories/50472 51324 http://secunia.com/advisories/51324 51352 http://secunia.com/advisories/51352 51413 http://secunia.com/advisories/51413 55082 http://secunia.com/advisories/55082 55410 http://www.securityfocus.com/bid/55410 85199 http://osvdb.org/85199 GLSA-201309-24 http://security.gentoo.org/glsa/glsa-201309-24.xml GLSA-201604-03 https://security.gentoo.org/glsa/201604-03 SUSE-SU-2012:1486 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html SUSE-SU-2012:1487 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html SUSE-SU-2014:0446 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html [Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html [oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities openSUSE-SU-2012:1572 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html openSUSE-SU-2012:1573 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html xen-tmem-priv-esc(78268) https://exchange.xforce.ibmcloud.com/vulnerabilities/78268 Common Vulnerability Exposure (CVE) ID: CVE-2012-4411 50493 http://secunia.com/advisories/50493 55442 http://www.securityfocus.com/bid/55442 DSA-2543 http://www.debian.org/security/2012/dsa-2543 [Xen-announce] 20120906 Xen Security Advisory 19 - guest administrator can access qemu monitor console http://lists.xen.org/archives/html/xen-announce/2012-09/msg00007.html [Xen-announce] 20120907 Xen Security Advisory 19 (CVE-2012-4411) - guest administrator can access qemu monitor console http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html [oss-security] 20120906 Re: Xen Security Advisory 19 - guest administrator can access qemu monitor console http://www.openwall.com/lists/oss-security/2012/09/06/7 [oss-security] 20120906 Xen Security Advisory 19 - guest administrator can access qemu monitor console http://www.openwall.com/lists/oss-security/2012/09/06/2 [oss-security] 20120907 Xen Security Advisory 19 (CVE-2012-4411) - guest administrator can access qemu monitor console http://www.openwall.com/lists/oss-security/2012/09/07/5 Common Vulnerability Exposure (CVE) ID: CVE-2012-4423 1027649 http://www.securitytracker.com/id?1027649 55541 http://www.securityfocus.com/bid/55541 FEDORA-2012-15634 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html FEDORA-2012-15640 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html RHSA-2012:1359 http://rhn.redhat.com/errata/RHSA-2012-1359.html USN-1708-1 http://www.ubuntu.com/usn/USN-1708-1 [libvirt] 20120912 [PATCH] Fix libvirtd crash possibility https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html [oss-security] 20120913 Re: CVE Request -- libvirt: null function pointer invocation in virNetServerProgramDispatchCall() http://www.openwall.com/lists/oss-security/2012/09/13/14 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec https://bugzilla.redhat.com/show_bug.cgi?id=857133 openSUSE-SU-2013:0274 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2012-4535 1027759 http://www.securitytracker.com/id?1027759 51200 http://secunia.com/advisories/51200 51468 http://secunia.com/advisories/51468 56498 http://www.securityfocus.com/bid/56498 87298 http://osvdb.org/87298 DSA-2582 http://www.debian.org/security/2012/dsa-2582 RHSA-2012:1540 http://rhn.redhat.com/errata/RHSA-2012-1540.html SUSE-SU-2012:1615 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html SUSE-SU-2014:0470 http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html [Xen-announce] 20121113 Xen Security Advisory 20 (CVE-2012-4535) - Timer overflow DoS vulnerability http://lists.xen.org/archives/html/xen-announce/2012-11/msg00001.html [oss-security] 20121113 Xen Security Advisory 20 (CVE-2012-4535) - Timer overflow DoS vulnerability http://www.openwall.com/lists/oss-security/2012/11/13/1 xen-vcpu-dos(80022) https://exchange.xforce.ibmcloud.com/vulnerabilities/80022 Common Vulnerability Exposure (CVE) ID: CVE-2012-4536 1027760 http://www.securitytracker.com/id?1027760 87297 http://osvdb.org/87297 [Xen-announce] 20121113 Xen Security Advisory 21 (CVE-2012-4536) - pirq range check DoS vulnerability http://lists.xen.org/archives/html/xen-announce/2012-11/msg00003.html [oss-security] 20121113 Xen Security Advisory 21 (CVE-2012-4536) - pirq range check DoS vulnerability http://www.openwall.com/lists/oss-security/2012/11/13/2 xen-domainpirqtoemuirq-dos(80023) https://exchange.xforce.ibmcloud.com/vulnerabilities/80023 Common Vulnerability Exposure (CVE) ID: CVE-2012-4537 1027761 http://www.securitytracker.com/id?1027761 87307 http://osvdb.org/87307 [Xen-announce] 20121113 Xen Security Advisory 22 (CVE-2012-4537) - Memory mapping failure DoS vulnerability http://lists.xen.org/archives/html/xen-announce/2012-11/msg00005.html [oss-security] 20121113 Xen Security Advisory 22 (CVE-2012-4537) - Memory mapping failure DoS vulnerability http://www.openwall.com/lists/oss-security/2012/11/13/6 xen-setp2mentry-dos(80024) https://exchange.xforce.ibmcloud.com/vulnerabilities/80024 Common Vulnerability Exposure (CVE) ID: CVE-2012-4538 1027762 http://www.securitytracker.com/id?1027762 87306 http://osvdb.org/87306 [Xen-announce] 20121113 Xen Security Advisory 23 (CVE-2012-4538) - Unhooking empty PAE entries DoS vulnerability http://lists.xen.org/archives/html/xen-announce/2012-11/msg00004.html [oss-security] 20121113 Xen Security Advisory 23 (CVE-2012-4538) - Unhooking empty PAE entries DoS vulnerability http://www.openwall.com/lists/oss-security/2012/11/13/3 xen-hvmop-dos(80025) https://exchange.xforce.ibmcloud.com/vulnerabilities/80025 Common Vulnerability Exposure (CVE) ID: CVE-2012-4539 1027763 http://www.securitytracker.com/id?1027763 87305 http://www.osvdb.org/87305 [Xen-announce] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html [oss-security] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability http://www.openwall.com/lists/oss-security/2012/11/13/4 openSUSE-SU-2012:1685 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html xen-gnttabopgetstatus-dos(80026) https://exchange.xforce.ibmcloud.com/vulnerabilities/80026 Common Vulnerability Exposure (CVE) ID: CVE-2012-4544 1027699 http://www.securitytracker.com/id?1027699 51071 http://secunia.com/advisories/51071 56289 http://www.securityfocus.com/bid/56289 86619 http://osvdb.org/86619 DSA-2636 http://www.debian.org/security/2013/dsa-2636 FEDORA-2012-17135 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092050.html FEDORA-2012-17204 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091844.html FEDORA-2012-17408 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091832.html RHSA-2013:0241 http://rhn.redhat.com/errata/RHSA-2013-0241.html SUSE-SU-2014:0411 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html [oss-security] 20121026 Xen Security Advisory 25 (CVE-2012-4544) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk http://www.openwall.com/lists/oss-security/2012/10/26/3 xen-pvdomainbuilder-dos(79617) https://exchange.xforce.ibmcloud.com/vulnerabilities/79617
Copyright	Copyright (C) 2021 Greenbone AG