Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1456-1

Опубликовано: 29 мая 2018
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

Security issues fixed:

  • CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1092631)

    This feature can be controlled by the 'ssbd=on/off' commandline flag for the XEN hypervisor.

  • CVE-2018-10982: x86 vHPET interrupt injection errors (XSA-261 bsc#1090822)

  • CVE-2018-10981: qemu may drive Xen into unbounded loop (XSA-262 bsc#1090823)

Other bugfixes:

  • Upstream patches from Jan (bsc#1027519)
  • additional fixes related to Page Table Isolation (XPTI). (bsc#1074562 XSA-254)
  • qemu-system-i386 cannot handle more than 4 HW NICs (bsc#1090296)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3
xen-4.9.2_06-3.32.1
xen-libs-4.9.2_06-3.32.1
xen-libs-32bit-4.9.2_06-3.32.1
SUSE Linux Enterprise Server 12 SP3
xen-4.9.2_06-3.32.1
xen-doc-html-4.9.2_06-3.32.1
xen-libs-4.9.2_06-3.32.1
xen-libs-32bit-4.9.2_06-3.32.1
xen-tools-4.9.2_06-3.32.1
xen-tools-domU-4.9.2_06-3.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-4.9.2_06-3.32.1
xen-doc-html-4.9.2_06-3.32.1
xen-libs-4.9.2_06-3.32.1
xen-libs-32bit-4.9.2_06-3.32.1
xen-tools-4.9.2_06-3.32.1
xen-tools-domU-4.9.2_06-3.32.1
SUSE Linux Enterprise Software Development Kit 12 SP3
xen-devel-4.9.2_06-3.32.1

Ссылки

Описание

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_06-3.32.1
SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_06-3.32.1
Ссылки

Описание

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_06-3.32.1
SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_06-3.32.1
Ссылки

Описание

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_06-3.32.1
SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_06-3.32.1
SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_06-3.32.1
Ссылки
Уязвимость SUSE-SU-2018:1456-1