CVE-2011-3131

Common Vulnerabilities and Exposures

Upstream information

CVE-2011-3131 at MITRE

Description

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:S/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 712051

SUSE Security Advisories:

SUSE-SU-2011:0983-1, published Thu, 1 Sep 2011 07:08:53 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 10 SP4 for x86	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-doc-html >= 3.2.3_17040_37-0.9.1` `xen-doc-pdf >= 3.2.3_17040_37-0.9.1` `xen-doc-ps >= 3.2.3_17040_37-0.9.1` `xen-kmp-bigsmp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-default >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-smp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-domU >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-doc-html >= 3.2.3_17040_37-0.9.1` `xen-doc-pdf >= 3.2.3_17040_37-0.9.1` `xen-doc-ps >= 3.2.3_17040_37-0.9.1` `xen-kmp-default >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-smp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-libs-32bit >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-domU >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86	`xen-debuginfo >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SLE SDK 10 SP4 for x86	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-kmp-debug >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-kdump >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SLE SDK 10 SP4 for X86-64	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-kmp-debug >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-kdump >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-libs-32bit >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SUSE Linux Enterprise Server 10 SP4 for x86	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-doc-html >= 3.2.3_17040_37-0.9.1` `xen-doc-pdf >= 3.2.3_17040_37-0.9.1` `xen-doc-ps >= 3.2.3_17040_37-0.9.1` `xen-kmp-bigsmp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-debug >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-default >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-kdump >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-kdumppae >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-smp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-vmi >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-vmipae >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-domU >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T	`xen >= 3.2.3_17040_37-0.9.1` `xen-devel >= 3.2.3_17040_37-0.9.1` `xen-doc-html >= 3.2.3_17040_37-0.9.1` `xen-doc-pdf >= 3.2.3_17040_37-0.9.1` `xen-doc-ps >= 3.2.3_17040_37-0.9.1` `xen-kmp-debug >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-default >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-kdump >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-kmp-smp >= 3.2.3_17040_37_2.6.16.60_0.89.2-0.9.1` `xen-libs >= 3.2.3_17040_37-0.9.1` `xen-libs-32bit >= 3.2.3_17040_37-0.9.1` `xen-tools >= 3.2.3_17040_37-0.9.1` `xen-tools-domU >= 3.2.3_17040_37-0.9.1` `xen-tools-ioemu >= 3.2.3_17040_37-0.9.1`	sles10-sp4.x86 sles10-sp4.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7699
SLE 11 SP1 DEBUGINFO	`libvirt-debuginfo >= 0.7.6-1.27.5` `libvirt-debugsource >= 0.7.6-1.27.5` `xen-debuginfo >= 4.0.2_21511_04-0.5.1` `xen-debugsource >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334
SUSE Linux Enterprise Software Development Kit 11 SP1	`libvirt-devel >= 0.7.6-1.27.5` `xen-devel >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334
SUSE Linux Enterprise Desktop 11 SP1	`libvirt >= 0.7.6-1.27.5` `libvirt-doc >= 0.7.6-1.27.5` `libvirt-python >= 0.7.6-1.27.5` `vm-install >= 0.4.32-0.3.6` `xen >= 4.0.2_21511_04-0.5.1` `xen-kmp-default >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-kmp-pae >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-libs >= 4.0.2_21511_04-0.5.1` `xen-tools >= 4.0.2_21511_04-0.5.1` `xen-tools-domU >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334
SUSE Linux Enterprise Desktop 11 SP1	`libvirt >= 0.7.6-1.27.5` `libvirt-doc >= 0.7.6-1.27.5` `libvirt-python >= 0.7.6-1.27.5` `vm-install >= 0.4.32-0.3.6` `xen >= 4.0.2_21511_04-0.5.1` `xen-kmp-default >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-libs >= 4.0.2_21511_04-0.5.1` `xen-tools >= 4.0.2_21511_04-0.5.1` `xen-tools-domU >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334
SUSE Linux Enterprise Server 11 SP1	`libvirt >= 0.7.6-1.27.5` `libvirt-doc >= 0.7.6-1.27.5` `libvirt-python >= 0.7.6-1.27.5` `vm-install >= 0.4.32-0.3.6` `xen >= 4.0.2_21511_04-0.5.1` `xen-doc-html >= 4.0.2_21511_04-0.5.1` `xen-doc-pdf >= 4.0.2_21511_04-0.5.1` `xen-kmp-default >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-libs >= 4.0.2_21511_04-0.5.1` `xen-tools >= 4.0.2_21511_04-0.5.1` `xen-tools-domU >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334
SUSE Linux Enterprise Server 11 SP1	`libvirt >= 0.7.6-1.27.5` `libvirt-doc >= 0.7.6-1.27.5` `libvirt-python >= 0.7.6-1.27.5` `vm-install >= 0.4.32-0.3.6` `xen >= 4.0.2_21511_04-0.5.1` `xen-doc-html >= 4.0.2_21511_04-0.5.1` `xen-doc-pdf >= 4.0.2_21511_04-0.5.1` `xen-kmp-default >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-kmp-pae >= 4.0.2_21511_04_2.6.32.46_0.3-0.5.1` `xen-libs >= 4.0.2_21511_04-0.5.1` `xen-tools >= 4.0.2_21511_04-0.5.1` `xen-tools-domU >= 4.0.2_21511_04-0.5.1`	sled11-sp1.x86-64 sled11-sp1.x86 sle11-sp1-sdk.x86 sle11-sp1-sdk.x86-64 sles11-sp1.x86 sles11-sp1.x86-64 SAT Patch Nr: 5334

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy