Описание
Recommended update for xen
This update for xen to version 4.10.4 fixes the following issues:
- Fixed an issue where libxenlight could not restore domain vsa6535522 on live migration (bsc#1133818).
- Fixed an HPS bug which did not allow to install Windows Server 2016 with 2 CPUs setting or above (bsc#1137717).
- Fixed an issue where libxenlight could not create new domain (bsc#1131811).
- Fixed an issue where Xen could not pre-allocate 1 shadow page (bsc#1145240).
- Fixed an issue where attached pci devices were lost after reboot (bsc#1129642).
- Fixed a segmentation fault in Libvrtd during live migration to a VM (bsc#1145774).
- Xenpvnetboot is now ported correctly to Python 3 (bsc#1138563).
Список пакетов
Image SLES15-EC2-CHOST-HVM-BYOS
Image SLES15-EC2-HVM-BYOS
Image SLES15-SAP-EC2-HVM
Image SLES15-SAP-EC2-HVM-BYOS
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Server Applications 15
Ссылки
- Link for SUSE-RU-2019:2767-1
- E-Mail link for SUSE-RU-2019:2767-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1126140
- SUSE Bug 1126141
- SUSE Bug 1126192
- SUSE Bug 1126195
- SUSE Bug 1126196
- SUSE Bug 1126197
- SUSE Bug 1126198
- SUSE Bug 1126201
- SUSE Bug 1127400
- SUSE Bug 1129642
- SUSE Bug 1131811
- SUSE Bug 1133818
- SUSE Bug 1137717
- SUSE Bug 1138294
- SUSE Bug 1138563
- SUSE Bug 1145240
Описание
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Затронутые продукты
Ссылки
- CVE-2018-12126
- SUSE Bug 1103186
- SUSE Bug 1111331
- SUSE Bug 1132686
- SUSE Bug 1135409
- SUSE Bug 1135524
- SUSE Bug 1137916
- SUSE Bug 1138534
- SUSE Bug 1141977
- SUSE Bug 1149725
- SUSE Bug 1149726
- SUSE Bug 1149729
- SUSE Bug 1178658
- SUSE Bug 1201877
Описание
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Затронутые продукты
Ссылки
- CVE-2018-12127
- SUSE Bug 1103186
- SUSE Bug 1111331
- SUSE Bug 1132686
- SUSE Bug 1135409
- SUSE Bug 1138534
- SUSE Bug 1141977
- SUSE Bug 1178658
- SUSE Bug 1201877
Описание
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Затронутые продукты
Ссылки
- CVE-2018-12130
- SUSE Bug 1103186
- SUSE Bug 1111331
- SUSE Bug 1132686
- SUSE Bug 1135409
- SUSE Bug 1137916
- SUSE Bug 1138534
- SUSE Bug 1141977
- SUSE Bug 1178658
- SUSE Bug 1201877
Описание
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Затронутые продукты
Ссылки
- CVE-2019-11091
- SUSE Bug 1103186
- SUSE Bug 1111331
- SUSE Bug 1132686
- SUSE Bug 1133319
- SUSE Bug 1135394
- SUSE Bug 1138043
- SUSE Bug 1138534
- SUSE Bug 1141977
- SUSE Bug 1178658
- SUSE Bug 1201877
Описание
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
Затронутые продукты
Ссылки
- CVE-2019-17340
- SUSE Bug 1126140
- SUSE Bug 1178658
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device.
Затронутые продукты
Ссылки
- CVE-2019-17341
- SUSE Bug 1126141
- SUSE Bug 1178658
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced.
Затронутые продукты
Ссылки
- CVE-2019-17342
- SUSE Bug 1126192
- SUSE Bug 1178658
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
Затронутые продукты
Ссылки
- CVE-2019-17343
- SUSE Bug 1126195
- SUSE Bug 1178658
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
Затронутые продукты
Ссылки
- CVE-2019-17344
- SUSE Bug 1126196
- SUSE Bug 1178658
Описание
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of a crashed guest.
Затронутые продукты
Ссылки
- CVE-2019-17345
- SUSE Bug 1126197
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) and TLB flushes.
Затронутые продукты
Ссылки
- CVE-2019-17346
- SUSE Bug 1126198
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).
Затронутые продукты
Ссылки
- CVE-2019-17347
- SUSE Bug 1126201
Описание
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
Затронутые продукты
Ссылки
- CVE-2019-17348
- SUSE Bug 1127400
Описание
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
Затронутые продукты
Ссылки
- CVE-2019-17349
- SUSE Bug 1138294