Novell Home

CVE-2011-1583

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-1583 at MITRE

Description

Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entries: 688473, 715639

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
  • libvirt-devel >= 0.7.6-1.21.1
  • xen-devel >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
openSUSE 11.3
  • xen-debugsource >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU-debuginfo >= 4.0.1_21326_08-0.7.1
openSUSE 11.3
  • vm-install >= 0.4.30-0.4.1
  • xen >= 4.0.1_21326_08-0.7.1
  • xen-devel >= 4.0.1_21326_08-0.7.1
  • xen-doc-html >= 4.0.1_21326_08-0.7.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs >= 4.0.1_21326_08-0.7.1
  • xen-tools >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU >= 4.0.1_21326_08-0.7.1
openSUSE 11.4
  • vm-install >= 0.4.30-0.3.1
  • xen >= 4.0.2_02-4.9.2
  • xen-devel >= 4.0.2_02-4.9.2
  • xen-doc-html >= 4.0.2_02-4.9.2
  • xen-doc-pdf >= 4.0.2_02-4.9.2
  • xen-kmp-default >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-desktop >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-pae >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-libs >= 4.0.2_02-4.9.2
  • xen-tools >= 4.0.2_02-4.9.2
  • xen-tools-domU >= 4.0.2_02-4.9.2

© 2014 Novell