SUSE-SU-2015:1157-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20151157-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1157-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:1157-1
Related
Published
2015-06-05T12:47:22Z
Modified
2015-06-05T12:47:22Z
Summary
Security update for Xen
Details

Xen was updated to fix six security issues:

* CVE-2015-4103: Potential unintended writes to host MSI message data
  field via qemu. (XSA-128, bsc#931625)
* CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests.
  (XSA-129, bsc#931626)
* CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error
  messages. (XSA-130, bsc#931627)
* CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131,
  bsc#931628)
* CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest
  to host escape. (XSA-135, bsc#932770)
* CVE-2015-4164: DoS through iret hypercall handler. (XSA-136,
  bsc#932996)

Security Issues:

* CVE-2015-4103
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103>
* CVE-2015-4104
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104>
* CVE-2015-4105
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105>
* CVE-2015-4106
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106>
* CVE-2015-4163
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163>
* CVE-2015-4164
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164>
* CVE-2015-3209
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209>
References

Affected packages