Bugzilla – Bug 918995
VUL-0: CVE-2015-2044: xen: XSA-121: Information leak via internal x86 system device emulation
Last modified: 2015-12-08 14:12:59 UTC
CVE-2015-2044 got assigned
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-03-09. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/60766
bugbot adjusting priority
public now. Xen Security Advisory CVE-2015-2044 / XSA-121 version 3 Information leak via internal x86 system device emulation UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= Emulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that hypervisor stack contents are copied into the destination of the operation, thus becoming visible to the guest. IMPACT ====== A malicious HVM guest might be able to read sensitive data relating to other guests. VULNERABLE SYSTEMS ================== Xen 3.2.x and later are vulnerable. Xen 3.1.x and earlier have not been inspected. Only HVM guests can take advantage of this vulnerability. Only x86 systems are vulnerable. ARM systems are not vulnerable. MITIGATION ========== Running only PV guests will avoid this issue. CREDITS ======= This issue was discovered by Jan Beulich of SUSE. RESOLUTION ========== Applying the attached patch resolves this issue. xsa121.patch xen-unstable, Xen 4.5.x, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x $ sha256sum xsa121*.patch e74afb34e8059e8ee25b803019c192aa47c29208af2c19fb81aa84b0d7c0d268 xsa121.patch $
SLE12: MR#52782 SLE11-SP3: SR#52784 SLE11-SP2: SR#52786 SLE11-SP1: SR#52788 SLE11-SP1-Teradata: SR#52790 SLE10-SP4: SR#52792 SLE10-SP3: SR#52794
SUSE-SU-2015:0613-1: An update that solves 8 vulnerabilities and has 7 fixes is now available. Category: security (important) Bug References: 861318,882089,895528,901488,903680,904255,906996,910254,910681,912011,918995,918998,919098,919464,919663 CVE References: CVE-2014-3615,CVE-2014-9065,CVE-2014-9066,CVE-2015-0361,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): xen-4.4.1_10-9.1 SUSE Linux Enterprise Server 12 (src): xen-4.4.1_10-9.1 SUSE Linux Enterprise Desktop 12 (src): xen-4.4.1_10-9.1
openSUSE-SU-2015:0732-1: An update that solves 7 vulnerabilities and has 5 fixes is now available. Category: security (important) Bug References: 861318,895528,901488,903680,910254,918995,918998,919098,919464,919663,922705,922706 CVE References: CVE-2014-3615,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152,CVE-2015-2752,CVE-2015-2756 Sources used: openSUSE 13.1 (src): xen-4.3.4_02-41.1
SUSE-SU-2015:0744-1: An update that fixes 9 vulnerabilities is now available. Category: security (moderate) Bug References: 918995,918998,919464,922705 CVE References: CVE-2013-3495,CVE-2014-3615,CVE-2014-5146,CVE-2014-5149,CVE-2014-9065,CVE-2014-9066,CVE-2015-0361,CVE-2015-2044,CVE-2015-2045 Sources used: SUSE Linux Enterprise Server 10 SP4 LTSS (src): xen-3.2.3_17040_46-0.13.1
SUSE-SU-2015:0745-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 918995,918998,919464,922705,922706 CVE References: CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2756 Sources used: SUSE Linux Enterprise Server 11 SP1 LTSS (src): xen-4.0.3_21548_18-0.15.1
SUSE-SU-2015:0746-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 907755,918995,918998,919464,922705,922706 CVE References: CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2756 Sources used: SUSE Linux Enterprise Server 11 SP2 LTSS (src): xen-4.1.6_08-0.9.1
SUSE-SU-2015:0747-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 918995,918998,919341,919464,922705,922706 CVE References: CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2756 Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): xen-4.2.5_04-0.9.1 SUSE Linux Enterprise Server 11 SP3 (src): xen-4.2.5_04-0.9.1 SUSE Linux Enterprise Desktop 11 SP3 (src): xen-4.2.5_04-0.9.1
openSUSE-SU-2015:1092-1: An update that solves 17 vulnerabilities and has 10 fixes is now available. Category: security (important) Bug References: 861318,882089,895528,901488,903680,906689,910254,912011,918995,918998,919098,919464,919663,921842,922705,922706,922709,923758,927967,929339,931625,931626,931627,931628,932770,932790,932996 CVE References: CVE-2014-3615,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152,CVE-2015-2751,CVE-2015-2752,CVE-2015-2756,CVE-2015-3209,CVE-2015-3340,CVE-2015-3456,CVE-2015-4103,CVE-2015-4104,CVE-2015-4105,CVE-2015-4106,CVE-2015-4163,CVE-2015-4164 Sources used: openSUSE 13.2 (src): xen-4.4.2_06-23.1
released