Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-311.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : xen (openSUSE-SU-2013:0637-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.023 Low

EPSS

Percentile

89.8%

JSON

XEN was updated to fix various bugs and security issues :

Security issues fixed :

  • bnc#800275 - CVE-2013-0153: xen: interrupt remap entries shared and old ones not cleared on AMD IOMMUs

  • bnc#797523 - CVE-2012-6075: qemu / kvm-qemu: e1000 overflows under some conditions

  • bnc#797031 - Xen Security Advisory 37 (CVE-2013-0154) - Hypervisor crash due to incorrect ASSERT (debug build only)

  • bnc#794316 - CVE-2012-5634: xen: VT-d interrupt remapping source validation flaw (XSA-33)

Bugs fixed :

  • Upstream patches from Jan 26536-xenoprof-div-by-0.patch 26578-AMD-IOMMU-replace-BUG_ON.patch 26656-x86-fix-null-pointer-dereference-in-intel_get_exte nded_msrs.patch 26659-AMD-IOMMU-erratum-746-workaround.patch 26660-x86-fix-CMCI-injection.patch 26672-vmx-fix-handling-of-NMI-VMEXIT.patch 26673-Avoid-stale-pointer-when-moving-domain-to-another- cpupool.patch 26676-fix-compat-memory-exchange-op-splitting.patch 26677-x86-make-certain-memory-sub-ops-return-valid-value s.patch 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch 26679-x86-defer-processing-events-on-the-NMI-exit-path.p atch 26683-credit1-Use-atomic-bit-operations-for-the-flags-st ructure.patch 26692-x86-MSI-fully-protect-MSI-X-table.patch

  • bnc#805094 - xen hot plug attach/detach fails modified blktap-pv-cdrom.patch

  • bnc#802690 - domain locking can prevent a live migration from completing modified xend-domain-lock.patch

  • bnc#797014 - no way to control live migrations 26547-tools-xc_fix_logic_error_in_stdiostream_progress.p atch 26548-tools-xc_handle_tty_output_differently_in_stdiostr eam_progress.patch 26549-tools-xc_turn_XCFLAGS__into_shifts.patch 26550-tools-xc_restore_logging_in_xc_save.patch 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patc h 26675-tools-xentoollog_update_tty_detection_in_stdiostre am_progress.patch xen.migrate.tools-xc_print_messages_from_xc_save_with_xc
    report.patch xen.migrate.tools-xc_document_printf_calls_in_xc_restore .patch xen.migrate.tools-xc_rework_xc_save.cswitch_qemu_logdirt y.patch xen.migrate.tools_set_migration_constraints_from_cmdline .patch xen.migrate.tools_add_xm_migrate–log_progress_option.p atch

  • remove old patches: xen.xc.progress.patch xen.xc_save.details.patch xen.migration.abort_if_busy.patch

  • bnc#806736: enabling xentrace crashes hypervisor 26686-xentrace_fix_off-by-one_in_calculate_tbuf_size.pat ch

  • Upstream patches from Jan 26287-sched-credit-pick-idle.patch 26501-VMX-simplify-CR0-update.patch 26502-VMX-disable-SMEP-when-not-paging.patch 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch)

  • bnc#798188 - Add $network to xend initscript dependencies

  • bnc#797014 - no way to control live migrations

  • fix logic error in stdiostream_progress xen.xc.progress.patch

  • restore logging in xc_save xen.xc_save.details.patch

  • add options to control migration tunables

    –max_iters, --max_factor, --abort_if_busy xen.migration.abort_if_busy.patch

  • bnc#799694 - Unable to dvd or cdrom-boot DomU after xen-tools update Fixed with update to Xen version 4.1.4

  • bnc#800156 - L3: HP iLo Generate NMI function not working in XEN kernel 26440-x86-forward-SERR.patch

  • Upstream patches from Jan 26404-x86-forward-both-NMI-kinds.patch 26427-x86-AMD-enable-WC+.patch

  • bnc#793927 - Xen VMs with more than 2 disks randomly fail to start 25590-hotplug-locking.patch 25595-hotplug-locking.patch 26079-hotplug-locking.patch

  • Upstream patches from Jan 26332-x86-compat-show-guest-stack-mfn.patch 26333-x86-get_page_type-assert.patch (Replaces CVE-2013-0154-xsa37.patch) 26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch) 26370-libxc-x86-initial-mapping-fit.patch

  • Update to Xen 4.1.4 c/s 23432

  • Update xenpaging.guest-memusage.patch add rule for xenmem to avoid spurious build failures

  • Upstream patches from Jan 26179-PCI-find-next-cap.patch 26183-x86-HPET-masking.patch 26188-x86-time-scale-asm.patch 26200-IOMMU-debug-verbose.patch 26203-x86-HAP-dirty-vram-leak.patch 26229-gnttab-version-switch.patch (Replaces CVE-2012-5510-xsa26.patch) 26230-x86-HVM-limit-batches.patch (Replaces CVE-2012-5511-xsa27.patch) 26231-memory-exchange-checks.patch (Replaces CVE-2012-5513-xsa29.patch) 26232-x86-mark-PoD-error-path.patch (Replaces CVE-2012-5514-xsa30.patch) 26233-memop-order-checks.patch (Replaces CVE-2012-5515-xsa31.patch) 26235-IOMMU-ATS-max-queue-depth.patch 26272-x86-EFI-makefile-cflags-filter.patch 26294-x86-AMD-Fam15-way-access-filter.patch CVE-2013-0154-xsa37.patch

  • Restore c/s 25751 in 23614-x86_64-EFI-boot.patch. Modify the EFI Makefile to do additional filtering.
    EFI-makefile-cflags-filter.patch

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-311.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74967);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-5510", "CVE-2012-5511", "CVE-2012-5513", "CVE-2012-5514", "CVE-2012-5515", "CVE-2012-5634", "CVE-2012-6075", "CVE-2013-0153", "CVE-2013-0154");

  script_name(english:"openSUSE Security Update : xen (openSUSE-SU-2013:0637-1)");
  script_summary(english:"Check for the openSUSE-2013-311 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"XEN was updated to fix various bugs and security issues :

Security issues fixed :

  - bnc#800275 - CVE-2013-0153: xen: interrupt remap entries
    shared and old ones not cleared on AMD IOMMUs

  - bnc#797523 - CVE-2012-6075: qemu / kvm-qemu: e1000
    overflows under some conditions

  - bnc#797031 - Xen Security Advisory 37 (CVE-2013-0154) -
    Hypervisor crash due to incorrect ASSERT (debug build
    only)

  - bnc#794316 - CVE-2012-5634: xen: VT-d interrupt
    remapping source validation flaw (XSA-33)

Bugs fixed :

  - Upstream patches from Jan 26536-xenoprof-div-by-0.patch
    26578-AMD-IOMMU-replace-BUG_ON.patch
    26656-x86-fix-null-pointer-dereference-in-intel_get_exte
    nded_msrs.patch
    26659-AMD-IOMMU-erratum-746-workaround.patch
    26660-x86-fix-CMCI-injection.patch
    26672-vmx-fix-handling-of-NMI-VMEXIT.patch
    26673-Avoid-stale-pointer-when-moving-domain-to-another-
    cpupool.patch
    26676-fix-compat-memory-exchange-op-splitting.patch
    26677-x86-make-certain-memory-sub-ops-return-valid-value
    s.patch 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch
    26679-x86-defer-processing-events-on-the-NMI-exit-path.p
    atch
    26683-credit1-Use-atomic-bit-operations-for-the-flags-st
    ructure.patch
    26692-x86-MSI-fully-protect-MSI-X-table.patch

  - bnc#805094 - xen hot plug attach/detach fails modified
    blktap-pv-cdrom.patch

  - bnc#802690 - domain locking can prevent a live migration
    from completing modified xend-domain-lock.patch

  - bnc#797014 - no way to control live migrations
    26547-tools-xc_fix_logic_error_in_stdiostream_progress.p
    atch
    26548-tools-xc_handle_tty_output_differently_in_stdiostr
    eam_progress.patch
    26549-tools-xc_turn_XCFLAGS__into_shifts.patch
    26550-tools-xc_restore_logging_in_xc_save.patch
    26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patc
    h
    26675-tools-xentoollog_update_tty_detection_in_stdiostre
    am_progress.patch
    xen.migrate.tools-xc_print_messages_from_xc_save_with_xc
    _report.patch
    xen.migrate.tools-xc_document_printf_calls_in_xc_restore
    .patch
    xen.migrate.tools-xc_rework_xc_save.cswitch_qemu_logdirt
    y.patch
    xen.migrate.tools_set_migration_constraints_from_cmdline
    .patch
    xen.migrate.tools_add_xm_migrate_--log_progress_option.p
    atch

  - remove old patches: xen.xc.progress.patch
    xen.xc_save.details.patch
    xen.migration.abort_if_busy.patch

  - bnc#806736: enabling xentrace crashes hypervisor
    26686-xentrace_fix_off-by-one_in_calculate_tbuf_size.pat
    ch

  - Upstream patches from Jan
    26287-sched-credit-pick-idle.patch
    26501-VMX-simplify-CR0-update.patch
    26502-VMX-disable-SMEP-when-not-paging.patch
    26516-ACPI-parse-table-retval.patch (Replaces
    CVE-2013-0153-xsa36.patch)
    26517-AMD-IOMMU-clear-irtes.patch (Replaces
    CVE-2013-0153-xsa36.patch)
    26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch
    (Replaces CVE-2013-0153-xsa36.patch)
    26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces
    CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch
    26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces
    CVE-2013-0153-xsa36.patch)

  - bnc#798188 - Add $network to xend initscript
    dependencies

  - bnc#797014 - no way to control live migrations

  - fix logic error in stdiostream_progress
    xen.xc.progress.patch

  - restore logging in xc_save xen.xc_save.details.patch

  - add options to control migration tunables

    --max_iters, --max_factor, --abort_if_busy
    xen.migration.abort_if_busy.patch

  - bnc#799694 - Unable to dvd or cdrom-boot DomU after
    xen-tools update Fixed with update to Xen version 4.1.4

  - bnc#800156 - L3: HP iLo Generate NMI function not
    working in XEN kernel 26440-x86-forward-SERR.patch

  - Upstream patches from Jan
    26404-x86-forward-both-NMI-kinds.patch
    26427-x86-AMD-enable-WC+.patch 

  - bnc#793927 - Xen VMs with more than 2 disks randomly
    fail to start 25590-hotplug-locking.patch
    25595-hotplug-locking.patch 26079-hotplug-locking.patch

  - Upstream patches from Jan
    26332-x86-compat-show-guest-stack-mfn.patch
    26333-x86-get_page_type-assert.patch (Replaces
    CVE-2013-0154-xsa37.patch)
    26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces
    CVE-2012-5634-xsa33.patch)
    26370-libxc-x86-initial-mapping-fit.patch

  - Update to Xen 4.1.4 c/s 23432

  - Update xenpaging.guest-memusage.patch add rule for
    xenmem to avoid spurious build failures

  - Upstream patches from Jan 26179-PCI-find-next-cap.patch
    26183-x86-HPET-masking.patch
    26188-x86-time-scale-asm.patch
    26200-IOMMU-debug-verbose.patch
    26203-x86-HAP-dirty-vram-leak.patch
    26229-gnttab-version-switch.patch (Replaces
    CVE-2012-5510-xsa26.patch)
    26230-x86-HVM-limit-batches.patch (Replaces
    CVE-2012-5511-xsa27.patch)
    26231-memory-exchange-checks.patch (Replaces
    CVE-2012-5513-xsa29.patch)
    26232-x86-mark-PoD-error-path.patch (Replaces
    CVE-2012-5514-xsa30.patch)
    26233-memop-order-checks.patch (Replaces
    CVE-2012-5515-xsa31.patch)
    26235-IOMMU-ATS-max-queue-depth.patch
    26272-x86-EFI-makefile-cflags-filter.patch
    26294-x86-AMD-Fam15-way-access-filter.patch
    CVE-2013-0154-xsa37.patch

  - Restore c/s 25751 in 23614-x86_64-EFI-boot.patch. Modify
    the EFI Makefile to do additional filtering.
    EFI-makefile-cflags-filter.patch"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=793927"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=794316"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=797014"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=797031"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=797523"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=798188"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=799694"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=800156"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=800275"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=802690"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=805094"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=806736"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected xen packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-doc-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-doc-pdf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-desktop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-libs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-libs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-tools-domU");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.2", reference:"xen-debugsource-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-devel-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-default-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-default-debuginfo-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-desktop-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-desktop-debuginfo-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-pae-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-kmp-pae-debuginfo-4.1.4_02_k3.4.33_2.24-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-libs-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-libs-debuginfo-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-tools-domU-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"xen-tools-domU-debuginfo-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-doc-html-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-doc-pdf-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-libs-32bit-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-libs-debuginfo-32bit-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-tools-4.1.4_02-5.21.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", cpu:"x86_64", reference:"xen-tools-debuginfo-4.1.4_02-5.21.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen");
}
VendorProductVersionCPE
novellopensusexenp-cpe:/a:novell:opensuse:xen
novellopensusexen-debugsourcep-cpe:/a:novell:opensuse:xen-debugsource
novellopensusexen-develp-cpe:/a:novell:opensuse:xen-devel
novellopensusexen-doc-htmlp-cpe:/a:novell:opensuse:xen-doc-html
novellopensusexen-doc-pdfp-cpe:/a:novell:opensuse:xen-doc-pdf
novellopensusexen-kmp-defaultp-cpe:/a:novell:opensuse:xen-kmp-default
novellopensusexen-kmp-default-debuginfop-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo
novellopensusexen-kmp-desktopp-cpe:/a:novell:opensuse:xen-kmp-desktop
novellopensusexen-kmp-desktop-debuginfop-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo
novellopensusexen-kmp-paep-cpe:/a:novell:opensuse:xen-kmp-pae
Rows per page:
1-10 of 201

References

Related

nessus 47
fedora 13
suse 5
osv 4
openvas 59
debian 6
securityvulns 6
cve 5
nvd 6
ubuntucve 6
xen 6
prion 7
debiancve 7
cvelist 6
redhat 5
centos 4
ubuntu 1
oraclelinux 3
veracode 1
googleprojectzero 1
exploitpack 1
nessus
nessus
openSUSE Security Update : xen (openSUSE-SU-2013:0636-1)
2014-06-13 00:00:00
SuSE 11.2 Security Update : Xen (SAT Patch Number 7492)
2013-04-04 00:00:00
OracleVM 3.0 : xen (OVMSA-2012-0056)
2014-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: xen-4.2.0-6.fc18
2012-12-12 00:16:38
[SECURITY] Fedora 18 Update: xen-4.2.1-7.fc18
2013-02-18 06:49:37
[SECURITY] Fedora 18 Update: xen-4.2.1-3.fc18
2013-01-23 02:05:39
suse
suse
xen to fix various denial of service issues (important)
2013-01-23 14:05:00
xen to fix various denial of service issues (important)
2012-12-23 20:16:24
Security update for Xen (important)
2012-12-06 17:08:57
osv
osv
xen - several
2013-03-03 00:00:00
xen - denial of service
2012-12-07 00:00:00
qemu-kvm - buffer overflow
2013-01-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 2636-2 (xen - several vulnerabilities)
2013-03-03 00:00:00
SuSE Update for xen openSUSE-SU-2012:1687-1 (xen)
2013-03-11 00:00:00
openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)
2013-03-11 00:00:00
debian
debian
[SECURITY] [DSA 2636-2] xen regression update
2013-03-03 11:28:23
[SECURITY] [DSA 2636-1] xen security update
2013-03-01 19:23:57
[SECURITY] [DSA 2582-1] xen security update
2012-12-07 15:40:44
securityvulns
securityvulns
[SECURITY] [DSA 2636-1] xen security update
2013-03-11 00:00:00
xen multiple security vulnerabilities
2013-03-11 00:00:00
[SECURITY] [DSA 2582-1] xen security update
2012-12-09 00:00:00
cve
cve
CVE-2012-5634
2013-02-14 22:55:01
CVE-2012-5514
2012-12-13 11:53:49
CVE-2012-6075
2013-02-13 01:55:03
nvd
nvd
CVE-2012-5514
2012-12-13 11:53:49
CVE-2012-5634
2013-02-14 22:55:01
CVE-2012-5515
2012-12-13 11:53:49
ubuntucve
ubuntucve
CVE-2012-5514
2012-12-13 00:00:00
CVE-2012-5634
2013-01-08 00:00:00
CVE-2012-6075
2012-12-31 00:00:00
xen
xen
VT-d interrupt remapping source validation flaw
2013-01-08 12:00:00
Broken error handling in guest_physmap_mark_populate_on_demand()
2012-12-03 17:51:00
qemu (e1000 device driver): Buffer overflow when processing large packets
2013-01-16 14:50:00
prion
prion
Design/Logic Flaw
2013-02-14 22:55:00
Command injection
2012-12-13 11:53:00
Design/Logic Flaw
2013-02-14 22:55:00
debiancve
debiancve
CVE-2012-5514
2012-12-13 11:53:49
CVE-2012-5634
2013-02-14 22:55:01
CVE-2012-6075
2013-02-13 01:55:03
cvelist
cvelist
CVE-2012-5514
2012-12-13 11:00:00
CVE-2012-5634
2013-02-14 22:00:00
CVE-2012-5513
2012-12-13 11:00:00
redhat
redhat
(RHSA-2013:0609) Important: qemu-kvm security update
2013-03-07 00:00:00
(RHSA-2013:0608) Important: kvm security update
2013-03-07 00:00:00
(RHSA-2013:0610) Important: qemu-kvm-rhev security update
2013-03-07 00:00:00
centos
centos
xen security update
2013-03-06 19:54:46
qemu security update
2013-03-09 00:45:27
kmod, kvm security update
2013-03-08 00:28:36
ubuntu
ubuntu
QEMU vulnerability
2013-01-16 00:00:00
oraclelinux
oraclelinux
qemu-kvm security update
2013-03-07 00:00:00
xen security update
2013-03-06 00:00:00
kvm security update
2013-03-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:10
googleprojectzero
googleprojectzero
Pandavirtualization: Exploiting the Xen hypervisor
2017-04-07 00:00:00
exploitpack
exploitpack
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout
2017-04-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.023 Low

EPSS

Percentile

89.8%

JSON
Related for OPENSUSE-2013-311.NASL
nessus47fedora13suse5osv4openvas59debian6securityvulns6cve5nvd6ubuntucve6xen6prion7debiancve7cvelist6redhat5centos4ubuntu1oraclelinux3veracode1googleprojectzero1exploitpack1