Описание
Security update for xen
This update for xen fixes one issue.
This security issue was fixed:
- CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
xen-4.5.5_24-22.49.1
xen-doc-html-4.5.5_24-22.49.1
xen-kmp-default-4.5.5_24_k3.12.74_60.64.93-22.49.1
xen-libs-4.5.5_24-22.49.1
xen-libs-32bit-4.5.5_24-22.49.1
xen-tools-4.5.5_24-22.49.1
xen-tools-domU-4.5.5_24-22.49.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
xen-4.5.5_24-22.49.1
xen-doc-html-4.5.5_24-22.49.1
xen-kmp-default-4.5.5_24_k3.12.74_60.64.93-22.49.1
xen-libs-4.5.5_24-22.49.1
xen-libs-32bit-4.5.5_24-22.49.1
xen-tools-4.5.5_24-22.49.1
xen-tools-domU-4.5.5_24-22.49.1
Ссылки
- Link for SUSE-SU-2018:1582-1
- E-Mail link for SUSE-SU-2018:1582-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1092631
- SUSE CVE CVE-2018-3639 page
Описание
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.49.1
SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.49.1
SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.93-22.49.1
SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.49.1
Ссылки
- CVE-2018-3639
- SUSE Bug 1074701
- SUSE Bug 1085235
- SUSE Bug 1085308
- SUSE Bug 1087078
- SUSE Bug 1087082
- SUSE Bug 1092631
- SUSE Bug 1092885
- SUSE Bug 1094912
- SUSE Bug 1098813
- SUSE Bug 1100394
- SUSE Bug 1102640
- SUSE Bug 1105412
- SUSE Bug 1111963
- SUSE Bug 1172781
- SUSE Bug 1172782
- SUSE Bug 1172783
- SUSE Bug 1173489
- SUSE Bug 1178658
- SUSE Bug 1201877