Описание
Security update for xen
This update for xen fixes the following issues:
Update to Xen 4.7.5 bug fix only release (bsc#1027519)
Security issues fixed:
-
CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) (bsc#1080635)
-
CVE-2018-7541: A grant table v2 -> v1 transition may crash Xen (XSA-255) (bsc#1080662)
-
CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 Fixed information leaks via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. (bsc#1074562)
-
Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251)
-
Xen HVM: Fixed unchecked MSR access error (bsc#1072834)
-
Add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N (fate#324965)
-
Make sure tools and tools-domU require libs from the very same build
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP2
Ссылки
- Link for SUSE-SU-2018:0909-1
- E-Mail link for SUSE-SU-2018:0909-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1072834
- SUSE Bug 1074562
- SUSE Bug 1080635
- SUSE Bug 1080662
- SUSE Bug 1087251
- SUSE CVE CVE-2017-5715 page
- SUSE CVE CVE-2017-5753 page
- SUSE CVE CVE-2017-5754 page
- SUSE CVE CVE-2018-7540 page
- SUSE CVE CVE-2018-7541 page
Описание
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Затронутые продукты
Ссылки
- CVE-2017-5715
- SUSE Bug 1068032
- SUSE Bug 1074562
- SUSE Bug 1074578
- SUSE Bug 1074701
- SUSE Bug 1074741
- SUSE Bug 1074919
- SUSE Bug 1075006
- SUSE Bug 1075007
- SUSE Bug 1075262
- SUSE Bug 1075419
- SUSE Bug 1076115
- SUSE Bug 1076372
- SUSE Bug 1076606
- SUSE Bug 1078353
- SUSE Bug 1080039
- SUSE Bug 1087887
- SUSE Bug 1087939
- SUSE Bug 1088147
- SUSE Bug 1089055
Описание
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Затронутые продукты
Ссылки
- CVE-2017-5753
- SUSE Bug 1068032
- SUSE Bug 1074562
- SUSE Bug 1074578
- SUSE Bug 1074701
- SUSE Bug 1075006
- SUSE Bug 1075419
- SUSE Bug 1075748
- SUSE Bug 1080039
- SUSE Bug 1087084
- SUSE Bug 1087939
- SUSE Bug 1089055
- SUSE Bug 1136865
- SUSE Bug 1178658
- SUSE Bug 1201877
- SUSE Bug 1209547
Описание
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Затронутые продукты
Ссылки
- CVE-2017-5754
- SUSE Bug 1068032
- SUSE Bug 1074562
- SUSE Bug 1074578
- SUSE Bug 1074701
- SUSE Bug 1075006
- SUSE Bug 1075008
- SUSE Bug 1087939
- SUSE Bug 1089055
- SUSE Bug 1115045
- SUSE Bug 1136865
- SUSE Bug 1178658
- SUSE Bug 1201877
Описание
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
Затронутые продукты
Ссылки
- CVE-2018-7540
- SUSE Bug 1080635
- SUSE Bug 1178658
Описание
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
Затронутые продукты
Ссылки
- CVE-2018-7541
- SUSE Bug 1080662
- SUSE Bug 1178658