Novell Home

CVE-2012-3515

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3515 at MITRE

Description

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

NVD CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 777084

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • qemu >= 0.8.2-37.14.1
sle10-sp4-sdk.x86-64
sle10-sp4-sdk.x86
sle10-sp4-sdk.x86-64
sle10-sp4-sdk.x86
sle10-sp4-sdk.ia64
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 8336
SLE 11 SP2 DEBUGINFO
  • qemu-debuginfo >= 0.10.1-0.5.7.1
  • qemu-debugsource >= 0.10.1-0.5.7.1
sle11-sp2-sdk.x86-64
slepos11-sp2.x86-64
sle11-sp2-sdk.x86
slepos11-sp2.x86
SAT Patch Nr: 6765
SUSE Linux Enterprise Point of Service 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • qemu >= 0.10.1-0.5.7.1
sle11-sp2-sdk.x86-64
slepos11-sp2.x86-64
sle11-sp2-sdk.x86
slepos11-sp2.x86
SAT Patch Nr: 6765
SLE 11 SP1 DEBUGINFO
  • xen-debuginfo >= 4.0.3_21548_10-0.5.1
  • xen-debugsource >= 4.0.3_21548_10-0.5.1
Builds
SAT Patch Nr: 6746
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_10-0.5.1
  • xen-doc-html >= 4.0.3_21548_10-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_10-0.5.1
  • xen-kmp-default >= 4.0.3_21548_10_2.6.32.59_0.7-0.5.1
  • xen-kmp-pae >= 4.0.3_21548_10_2.6.32.59_0.7-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_10_2.6.32.59_0.7-0.5.1
  • xen-libs >= 4.0.3_21548_10-0.5.1
  • xen-tools >= 4.0.3_21548_10-0.5.1
  • xen-tools-domU >= 4.0.3_21548_10-0.5.1
Builds
SAT Patch Nr: 6746
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_10-0.5.1
  • xen-doc-html >= 4.0.3_21548_10-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_10-0.5.1
  • xen-kmp-default >= 4.0.3_21548_10_2.6.32.59_0.7-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_10_2.6.32.59_0.7-0.5.1
  • xen-libs >= 4.0.3_21548_10-0.5.1
  • xen-tools >= 4.0.3_21548_10-0.5.1
  • xen-tools-domU >= 4.0.3_21548_10-0.5.1
Builds
SAT Patch Nr: 6746
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86
  • xen-debuginfo >= 3.2.0_16718_26-0.10.1
sles10-sp2-debuginfo.x86
sles10-sp2-ltss.x86
sles10-sp2-debuginfo.x86-64
sles10-sp2-ltss.x86-64
ZYPP Patch Nr: 8260
SUSE Linux Enterprise Server 10 SP2 for x86
  • xen >= 3.2.0_16718_26-0.10.1
  • xen-devel >= 3.2.0_16718_26-0.10.1
  • xen-doc-html >= 3.2.0_16718_26-0.10.1
  • xen-doc-pdf >= 3.2.0_16718_26-0.10.1
  • xen-doc-ps >= 3.2.0_16718_26-0.10.1
  • xen-kmp-bigsmp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-libs >= 3.2.0_16718_26-0.10.1
  • xen-tools >= 3.2.0_16718_26-0.10.1
  • xen-tools-domU >= 3.2.0_16718_26-0.10.1
  • xen-tools-ioemu >= 3.2.0_16718_26-0.10.1
sles10-sp2-debuginfo.x86
sles10-sp2-ltss.x86
sles10-sp2-debuginfo.x86-64
sles10-sp2-ltss.x86-64
ZYPP Patch Nr: 8260
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
  • xen >= 3.2.0_16718_26-0.10.1
  • xen-devel >= 3.2.0_16718_26-0.10.1
  • xen-doc-html >= 3.2.0_16718_26-0.10.1
  • xen-doc-pdf >= 3.2.0_16718_26-0.10.1
  • xen-doc-ps >= 3.2.0_16718_26-0.10.1
  • xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-libs >= 3.2.0_16718_26-0.10.1
  • xen-libs-32bit >= 3.2.0_16718_26-0.10.1
  • xen-tools >= 3.2.0_16718_26-0.10.1
  • xen-tools-domU >= 3.2.0_16718_26-0.10.1
  • xen-tools-ioemu >= 3.2.0_16718_26-0.10.1
sles10-sp2-debuginfo.x86
sles10-sp2-ltss.x86
sles10-sp2-debuginfo.x86-64
sles10-sp2-ltss.x86-64
ZYPP Patch Nr: 8260
SUSE Studio Extension for System z 1.2
  • kvm >= 0.12.5-1.24.1
studioonsite1.2.s390x
SAT Patch Nr: 6757
SUSE Studio Onsite 1.2 [Appliance - Studio]
  • qemu >= 0.10.1-0.5.7.1
studioonsite1.2.x86-64
SAT Patch Nr: 6852
SLE 11 SP2 DEBUGINFO
  • kvm-debuginfo >= 0.15.1-0.23.1
  • kvm-debugsource >= 0.15.1-0.23.1
sles11-sp2.x86
sles11-sp2.x86-64
sled11-sp2.x86
sled11-sp2.x86-64
SAT Patch Nr: 6755
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
  • kvm >= 0.15.1-0.23.1
sles11-sp2.x86
sles11-sp2.x86-64
sled11-sp2.x86
sled11-sp2.x86-64
SAT Patch Nr: 6755

© 2014 Novell