{"affected":[{"ecosystem_specific":{"binaries":[{"xen-kmp-default":"4.2.5_21_3.0.101_0.47.105-45.5.1","xen-kmp-pae":"4.2.5_21_3.0.101_0.47.105-45.5.1","xen-libs":"4.2.5_21-45.5.1","xen-tools-domU":"4.2.5_21-45.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.2.5_21-45.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.2.5_21-45.5.1","xen-doc-html":"4.2.5_21-45.5.1","xen-doc-pdf":"4.2.5_21-45.5.1","xen-kmp-default":"4.2.5_21_3.0.101_0.47.105-45.5.1","xen-kmp-pae":"4.2.5_21_3.0.101_0.47.105-45.5.1","xen-libs":"4.2.5_21-45.5.1","xen-libs-32bit":"4.2.5_21-45.5.1","xen-tools":"4.2.5_21-45.5.1","xen-tools-domU":"4.2.5_21-45.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-LTSS","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.2.5_21-45.5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xen fixes the following issues:\n\n- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to\n  potentially leaking sensitive information (XSA-230, bsc#1052686).\n- CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious\n  guest to crash the host or potentially escalate privileges/leak information\n  (XSA-226, bsc#1051787).\n- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for\n  privilege escalation (XSA-227, bsc#1051788).\n- CVE-2017-11334: The address_space_write_continue function in exec.c allowed\n  local guest OS privileged users to cause a denial of service (out-of-bounds\n  access and guest instance crash) by leveraging use of qemu_map_ram_ptr to\n  access guest ram block area (bsc#1048920).\n- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest\n  OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP\n  options string (bsc#1049578).\n- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote\n  attackers to cause a denial of service (daemon crash) by disconnecting during\n  a server-to-client reply attempt (bsc#1046637).\n","id":"SUSE-SU-2017:2339-1","modified":"2017-09-04T11:12:18Z","published":"2017-09-04T11:12:18Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20172339-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1046637"},{"type":"REPORT","url":"https://bugzilla.suse.com/1048920"},{"type":"REPORT","url":"https://bugzilla.suse.com/1049578"},{"type":"REPORT","url":"https://bugzilla.suse.com/1051787"},{"type":"REPORT","url":"https://bugzilla.suse.com/1051788"},{"type":"REPORT","url":"https://bugzilla.suse.com/1052686"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-10664"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-11334"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-11434"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-12135"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-12137"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-12855"}],"related":["CVE-2017-10664","CVE-2017-11334","CVE-2017-11434","CVE-2017-12135","CVE-2017-12137","CVE-2017-12855"],"summary":"Security update for xen","upstream":["CVE-2017-10664","CVE-2017-11334","CVE-2017-11434","CVE-2017-12135","CVE-2017-12137","CVE-2017-12855"]}