Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2016.1445.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:1445-1)
Summary:The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2016:1445-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2016:1445-1 advisory.

Vulnerability Insight:
Xen was updated to fix the following security issues:
CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive (bsc#969351)
CVE-2016-2391: usb: multiple eof_timers in ohci module leads to null pointer dereference (bsc#967101)
CVE-2016-2270: x86: inconsistent cachability flags on guest mappings (XSA-154) (bsc#965315)
CVE-2016-2271: VMX: guest user mode may crash guest with non-canonical RIP (XSA-170) (bsc#965317)
CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#964947)
CVE-2014-0222: qcow1: validate L2 table size to avoid integer overflows (bsc#964925)
CVE-2014-7815: vnc: insufficient bits_per_pixel from the client sanitization (bsc#962627)
CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960726)
Security Issues:
CVE-2016-2841 CVE-2016-2391 CVE-2016-2270 CVE-2016-2271 CVE-2015-5278 CVE-2014-0222 CVE-2014-7815 CVE-2015-8743

Affected Software/OS:
'Xen' package(s) on SUSE Linux Enterprise Server 10 SP4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0222
BugTraq ID: 67357
http://www.securityfocus.com/bid/67357
Debian Security Information: DSA-3044 (Google Search)
http://www.debian.org/security/2014/dsa-3044
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
SuSE Security Announcement: SUSE-SU-2015:0929 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
SuSE Security Announcement: openSUSE-SU-2015:1965 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-7815
Debian Security Information: DSA-3066 (Google Search)
http://www.debian.org/security/2014/dsa-3066
Debian Security Information: DSA-3067 (Google Search)
http://www.debian.org/security/2014/dsa-3067
RedHat Security Advisories: RHSA-2015:0349
http://rhn.redhat.com/errata/RHSA-2015-0349.html
RedHat Security Advisories: RHSA-2015:0624
http://rhn.redhat.com/errata/RHSA-2015-0624.html
http://secunia.com/advisories/61484
http://secunia.com/advisories/62143
http://secunia.com/advisories/62144
SuSE Security Announcement: SUSE-SU-2015:1782 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
http://www.ubuntu.com/usn/USN-2409-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5278
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
http://www.openwall.com/lists/oss-security/2015/09/15/2
http://www.ubuntu.com/usn/USN-2745-1
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8743
BugTraq ID: 79820
http://www.securityfocus.com/bid/79820
Debian Security Information: DSA-3469 (Google Search)
http://www.debian.org/security/2016/dsa-3469
Debian Security Information: DSA-3470 (Google Search)
http://www.debian.org/security/2016/dsa-3470
Debian Security Information: DSA-3471 (Google Search)
http://www.debian.org/security/2016/dsa-3471
https://security.gentoo.org/glsa/201602-01
http://www.openwall.com/lists/oss-security/2016/01/04/1
http://www.openwall.com/lists/oss-security/2016/01/04/2
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00050.html
http://www.securitytracker.com/id/1034574
Common Vulnerability Exposure (CVE) ID: CVE-2016-2270
Debian Security Information: DSA-3519 (Google Search)
http://www.debian.org/security/2016/dsa-3519
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html
https://security.gentoo.org/glsa/201604-03
http://www.securitytracker.com/id/1035042
Common Vulnerability Exposure (CVE) ID: CVE-2016-2271
http://www.securitytracker.com/id/1035043
Common Vulnerability Exposure (CVE) ID: CVE-2016-2391
BugTraq ID: 83263
http://www.securityfocus.com/bid/83263
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/02/16/2
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html
http://www.ubuntu.com/usn/USN-2974-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2841
BugTraq ID: 84028
http://www.securityfocus.com/bid/84028
https://security.gentoo.org/glsa/201609-01
http://www.openwall.com/lists/oss-security/2016/03/02/8
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html
http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.