SUSE-SU-2018:1614-1

Опубликовано: 08 июн. 2018

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

CVE-2018-3639: cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through (bsc#1092885)

Список пакетов

SUSE Enterprise Storage 4

libvirt-2.0.0-27.42.1

libvirt-client-2.0.0-27.42.1

libvirt-daemon-2.0.0-27.42.1

libvirt-daemon-config-network-2.0.0-27.42.1

libvirt-daemon-config-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-interface-2.0.0-27.42.1

libvirt-daemon-driver-libxl-2.0.0-27.42.1

libvirt-daemon-driver-lxc-2.0.0-27.42.1

libvirt-daemon-driver-network-2.0.0-27.42.1

libvirt-daemon-driver-nodedev-2.0.0-27.42.1

libvirt-daemon-driver-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-qemu-2.0.0-27.42.1

libvirt-daemon-driver-secret-2.0.0-27.42.1

libvirt-daemon-driver-storage-2.0.0-27.42.1

libvirt-daemon-hooks-2.0.0-27.42.1

libvirt-daemon-lxc-2.0.0-27.42.1

libvirt-daemon-qemu-2.0.0-27.42.1

libvirt-daemon-xen-2.0.0-27.42.1

libvirt-doc-2.0.0-27.42.1

libvirt-lock-sanlock-2.0.0-27.42.1

libvirt-nss-2.0.0-27.42.1

SUSE Linux Enterprise Server 12 SP2-LTSS

libvirt-2.0.0-27.42.1

libvirt-client-2.0.0-27.42.1

libvirt-daemon-2.0.0-27.42.1

libvirt-daemon-config-network-2.0.0-27.42.1

libvirt-daemon-config-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-interface-2.0.0-27.42.1

libvirt-daemon-driver-libxl-2.0.0-27.42.1

libvirt-daemon-driver-lxc-2.0.0-27.42.1

libvirt-daemon-driver-network-2.0.0-27.42.1

libvirt-daemon-driver-nodedev-2.0.0-27.42.1

libvirt-daemon-driver-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-qemu-2.0.0-27.42.1

libvirt-daemon-driver-secret-2.0.0-27.42.1

libvirt-daemon-driver-storage-2.0.0-27.42.1

libvirt-daemon-hooks-2.0.0-27.42.1

libvirt-daemon-lxc-2.0.0-27.42.1

libvirt-daemon-qemu-2.0.0-27.42.1

libvirt-daemon-xen-2.0.0-27.42.1

libvirt-doc-2.0.0-27.42.1

libvirt-lock-sanlock-2.0.0-27.42.1

libvirt-nss-2.0.0-27.42.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libvirt-2.0.0-27.42.1

libvirt-client-2.0.0-27.42.1

libvirt-daemon-2.0.0-27.42.1

libvirt-daemon-config-network-2.0.0-27.42.1

libvirt-daemon-config-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-interface-2.0.0-27.42.1

libvirt-daemon-driver-libxl-2.0.0-27.42.1

libvirt-daemon-driver-lxc-2.0.0-27.42.1

libvirt-daemon-driver-network-2.0.0-27.42.1

libvirt-daemon-driver-nodedev-2.0.0-27.42.1

libvirt-daemon-driver-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-qemu-2.0.0-27.42.1

libvirt-daemon-driver-secret-2.0.0-27.42.1

libvirt-daemon-driver-storage-2.0.0-27.42.1

libvirt-daemon-hooks-2.0.0-27.42.1

libvirt-daemon-lxc-2.0.0-27.42.1

libvirt-daemon-qemu-2.0.0-27.42.1

libvirt-daemon-xen-2.0.0-27.42.1

libvirt-doc-2.0.0-27.42.1

libvirt-lock-sanlock-2.0.0-27.42.1

libvirt-nss-2.0.0-27.42.1

SUSE OpenStack Cloud 7

libvirt-2.0.0-27.42.1

libvirt-client-2.0.0-27.42.1

libvirt-daemon-2.0.0-27.42.1

libvirt-daemon-config-network-2.0.0-27.42.1

libvirt-daemon-config-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-interface-2.0.0-27.42.1

libvirt-daemon-driver-libxl-2.0.0-27.42.1

libvirt-daemon-driver-lxc-2.0.0-27.42.1

libvirt-daemon-driver-network-2.0.0-27.42.1

libvirt-daemon-driver-nodedev-2.0.0-27.42.1

libvirt-daemon-driver-nwfilter-2.0.0-27.42.1

libvirt-daemon-driver-qemu-2.0.0-27.42.1

libvirt-daemon-driver-secret-2.0.0-27.42.1

libvirt-daemon-driver-storage-2.0.0-27.42.1

libvirt-daemon-hooks-2.0.0-27.42.1

libvirt-daemon-lxc-2.0.0-27.42.1

libvirt-daemon-qemu-2.0.0-27.42.1

libvirt-daemon-xen-2.0.0-27.42.1

libvirt-doc-2.0.0-27.42.1

libvirt-lock-sanlock-2.0.0-27.42.1

libvirt-nss-2.0.0-27.42.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20181614-1/
Link for SUSE-SU-2018:1614-1
https://lists.suse.com/pipermail/sle-security-updates/2018-June/004169.html
E-Mail link for SUSE-SU-2018:1614-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1092885
SUSE Bug 1092885
https://www.suse.com/security/cve/CVE-2018-3639/
SUSE CVE CVE-2018-3639 page

Описание

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Затронутые продукты

SUSE Enterprise Storage 4:libvirt-2.0.0-27.42.1

SUSE Enterprise Storage 4:libvirt-client-2.0.0-27.42.1

SUSE Enterprise Storage 4:libvirt-daemon-2.0.0-27.42.1

SUSE Enterprise Storage 4:libvirt-daemon-config-network-2.0.0-27.42.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-3639.html
CVE-2018-3639
https://bugzilla.suse.com/1074701
SUSE Bug 1074701
https://bugzilla.suse.com/1085235
SUSE Bug 1085235
https://bugzilla.suse.com/1085308
SUSE Bug 1085308
https://bugzilla.suse.com/1087078
SUSE Bug 1087078
https://bugzilla.suse.com/1087082
SUSE Bug 1087082
https://bugzilla.suse.com/1092631
SUSE Bug 1092631
https://bugzilla.suse.com/1092885
SUSE Bug 1092885
https://bugzilla.suse.com/1094912
SUSE Bug 1094912
https://bugzilla.suse.com/1098813
SUSE Bug 1098813
https://bugzilla.suse.com/1100394
SUSE Bug 1100394
https://bugzilla.suse.com/1102640
SUSE Bug 1102640
https://bugzilla.suse.com/1105412
SUSE Bug 1105412
https://bugzilla.suse.com/1111963
SUSE Bug 1111963
https://bugzilla.suse.com/1172781
SUSE Bug 1172781
https://bugzilla.suse.com/1172782
SUSE Bug 1172782
https://bugzilla.suse.com/1172783
SUSE Bug 1172783
https://bugzilla.suse.com/1173489
SUSE Bug 1173489
https://bugzilla.suse.com/1178658
SUSE Bug 1178658
https://bugzilla.suse.com/1201877
SUSE Bug 1201877

SUSE-SU-2018:1614-1

Описание

Список пакетов

SUSE Enterprise Storage 4

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE OpenStack Cloud 7

Ссылки

Уязвимость: CVE-2018-3639

Описание

Затронутые продукты

Ссылки