Novell Home

CVE-2014-1666

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-1666 at MITRE

Description

The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors.

NVD CVSS v2 Base Score: 8.3 (AV:A/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 860302

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP2 DEBUGINFO
  • xen-debuginfo >= 4.1.6_06-0.5.1
  • xen-debugsource >= 4.1.6_06-0.5.1
Builds
SAT Patch Nr: 8964
SUSE Linux Enterprise Server 11 SP2 LTSS
  • xen-kmp-default >= 4.1.6_06_3.0.101_0.7.17-0.5.1
  • xen-kmp-pae >= 4.1.6_06_3.0.101_0.7.17-0.5.1
  • xen-kmp-trace >= 4.1.6_06_3.0.101_0.7.17-0.5.1
  • xen-libs >= 4.1.6_06-0.5.1
  • xen-tools-domU >= 4.1.6_06-0.5.1
Builds
SAT Patch Nr: 8964
SUSE Linux Enterprise Server 11 SP2 LTSS
  • xen >= 4.1.6_06-0.5.1
  • xen-doc-html >= 4.1.6_06-0.5.1
  • xen-doc-pdf >= 4.1.6_06-0.5.1
  • xen-kmp-default >= 4.1.6_06_3.0.101_0.7.17-0.5.1
  • xen-kmp-trace >= 4.1.6_06_3.0.101_0.7.17-0.5.1
  • xen-libs >= 4.1.6_06-0.5.1
  • xen-libs-32bit >= 4.1.6_06-0.5.1
  • xen-tools >= 4.1.6_06-0.5.1
  • xen-tools-domU >= 4.1.6_06-0.5.1
Builds
SAT Patch Nr: 8964
SLE 11 SP3 DEBUGINFO
  • xen-debuginfo >= 4.2.4_02-0.7.1
  • xen-debugsource >= 4.2.4_02-0.7.1
Builds
SAT Patch Nr: 8973
SUSE Linux Enterprise Software Development Kit 11 SP3
  • xen-devel >= 4.2.4_02-0.7.1
Builds
SAT Patch Nr: 8973
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
  • xen >= 4.2.4_02-0.7.1
  • xen-doc-html >= 4.2.4_02-0.7.1
  • xen-doc-pdf >= 4.2.4_02-0.7.1
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.15-0.7.1
  • xen-libs >= 4.2.4_02-0.7.1
  • xen-libs-32bit >= 4.2.4_02-0.7.1
  • xen-tools >= 4.2.4_02-0.7.1
  • xen-tools-domU >= 4.2.4_02-0.7.1
Builds
SAT Patch Nr: 8973
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
  • xen-kmp-default >= 4.2.4_02_3.0.101_0.15-0.7.1
  • xen-kmp-pae >= 4.2.4_02_3.0.101_0.15-0.7.1
  • xen-libs >= 4.2.4_02-0.7.1
  • xen-tools-domU >= 4.2.4_02-0.7.1
Builds
SAT Patch Nr: 8973

© 2014 Novell