CVE-2012-4411

Common Vulnerabilities and Exposures

Upstream information

CVE-2012-4411 at MITRE

Description

The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:S/C:C/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entries: 779212, 786516, 786518, 786519, 786520, 787163

SUSE Security Advisories:

SUSE-SU-2012:1486-1, published Fri, 16 Nov 2012 00:09:20 +0100 (CET)
SUSE-SU-2012:1487-1, published Fri, 16 Nov 2012 17:08:43 +0100 (CET)
SUSE-SU-2012:1503-1, published Mon, 19 Nov 2012 21:08:39 +0100 (CET)
openSUSE-SU-2012:1572-1, published Mon, 26 Nov 2012 15:08:36 +0100 (CET)
openSUSE-SU-2012:1573-1, published Mon, 26 Nov 2012 15:13:15 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
SLE 11 SP2 DEBUGINFO	`libvirt-debuginfo >= 0.9.6-0.23.1` `libvirt-debugsource >= 0.9.6-0.23.1`	sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 sled11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.x86-64 SAT Patch Nr: 7015
SUSE Linux Enterprise Software Development Kit 11 SP2	`libvirt-devel >= 0.9.6-0.23.1`	sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 sled11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.x86-64 SAT Patch Nr: 7015
SUSE Linux Enterprise Software Development Kit 11 SP2	`libvirt-devel >= 0.9.6-0.23.1` `libvirt-devel-32bit >= 0.9.6-0.23.1`	sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 sled11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.x86-64 SAT Patch Nr: 7015
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`libvirt >= 0.9.6-0.23.1` `libvirt-client >= 0.9.6-0.23.1` `libvirt-doc >= 0.9.6-0.23.1` `libvirt-python >= 0.9.6-0.23.1`	sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 sled11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.x86-64 SAT Patch Nr: 7015
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`libvirt >= 0.9.6-0.23.1` `libvirt-client >= 0.9.6-0.23.1` `libvirt-client-32bit >= 0.9.6-0.23.1` `libvirt-doc >= 0.9.6-0.23.1` `libvirt-python >= 0.9.6-0.23.1`	sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 sled11-sp2.x86 sle11-sp2-sdk.x86 sle11-sp2-sdk.x86-64 SAT Patch Nr: 7015
SLE 11 SP2 DEBUGINFO	`xen-debuginfo >= 4.1.3_04-0.5.1` `xen-debugsource >= 4.1.3_04-0.5.1`	sled11-sp2.x86 sles11-sp2-vmware.x86 sle11-sp2-sdk.x86 sles11-sp2.x86 sle11-sp2-sdk.x86-64 sles11-sp2.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7018
SUSE Linux Enterprise Software Development Kit 11 SP2	`xen-devel >= 4.1.3_04-0.5.1`	sled11-sp2.x86 sles11-sp2-vmware.x86 sle11-sp2-sdk.x86 sles11-sp2.x86 sle11-sp2-sdk.x86-64 sles11-sp2.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7018
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen-kmp-default >= 4.1.3_04_3.0.42_0.7-0.5.1` `xen-kmp-pae >= 4.1.3_04_3.0.42_0.7-0.5.1` `xen-kmp-trace >= 4.1.3_04_3.0.42_0.7-0.5.1` `xen-libs >= 4.1.3_04-0.5.1` `xen-tools-domU >= 4.1.3_04-0.5.1`	sled11-sp2.x86 sles11-sp2-vmware.x86 sle11-sp2-sdk.x86 sles11-sp2.x86 sle11-sp2-sdk.x86-64 sles11-sp2.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7018
SUSE Linux Enterprise Server 11 SP2 for VMware	`xen-kmp-trace >= 4.1.3_04_3.0.42_0.7-0.5.1`	sled11-sp2.x86 sles11-sp2-vmware.x86 sle11-sp2-sdk.x86 sles11-sp2.x86 sle11-sp2-sdk.x86-64 sles11-sp2.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7018
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen >= 4.1.3_04-0.5.1` `xen-doc-html >= 4.1.3_04-0.5.1` `xen-doc-pdf >= 4.1.3_04-0.5.1` `xen-kmp-default >= 4.1.3_04_3.0.42_0.7-0.5.1` `xen-kmp-trace >= 4.1.3_04_3.0.42_0.7-0.5.1` `xen-libs >= 4.1.3_04-0.5.1` `xen-libs-32bit >= 4.1.3_04-0.5.1` `xen-tools >= 4.1.3_04-0.5.1` `xen-tools-domU >= 4.1.3_04-0.5.1`	sled11-sp2.x86 sles11-sp2-vmware.x86 sle11-sp2-sdk.x86 sles11-sp2.x86 sle11-sp2-sdk.x86-64 sles11-sp2.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7018
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`vm-install >= 0.5.14-0.5.7`	sled11-sp2.x86 sles11-sp2.x86-64 sles11-sp2.x86 sled11-sp2.x86-64 SAT Patch Nr: 7081