Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:1547-1

Опубликовано: 18 июн. 2019
Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

  • CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
  • CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
  • CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
  • CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the libvirt adjustments, that pass through the new 'md-clear' CPU flag (bsc#1135273).

For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3
libvirt-3.3.0-5.33.2
libvirt-admin-3.3.0-5.33.2
libvirt-client-3.3.0-5.33.2
libvirt-daemon-3.3.0-5.33.2
libvirt-daemon-config-network-3.3.0-5.33.2
libvirt-daemon-config-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-interface-3.3.0-5.33.2
libvirt-daemon-driver-libxl-3.3.0-5.33.2
libvirt-daemon-driver-lxc-3.3.0-5.33.2
libvirt-daemon-driver-network-3.3.0-5.33.2
libvirt-daemon-driver-nodedev-3.3.0-5.33.2
libvirt-daemon-driver-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-qemu-3.3.0-5.33.2
libvirt-daemon-driver-secret-3.3.0-5.33.2
libvirt-daemon-driver-storage-3.3.0-5.33.2
libvirt-daemon-driver-storage-core-3.3.0-5.33.2
libvirt-daemon-driver-storage-disk-3.3.0-5.33.2
libvirt-daemon-driver-storage-iscsi-3.3.0-5.33.2
libvirt-daemon-driver-storage-logical-3.3.0-5.33.2
libvirt-daemon-driver-storage-mpath-3.3.0-5.33.2
libvirt-daemon-driver-storage-rbd-3.3.0-5.33.2
libvirt-daemon-driver-storage-scsi-3.3.0-5.33.2
libvirt-daemon-lxc-3.3.0-5.33.2
libvirt-daemon-qemu-3.3.0-5.33.2
libvirt-daemon-xen-3.3.0-5.33.2
libvirt-doc-3.3.0-5.33.2
libvirt-libs-3.3.0-5.33.2
SUSE Linux Enterprise Server 12 SP3
libvirt-3.3.0-5.33.2
libvirt-admin-3.3.0-5.33.2
libvirt-client-3.3.0-5.33.2
libvirt-daemon-3.3.0-5.33.2
libvirt-daemon-config-network-3.3.0-5.33.2
libvirt-daemon-config-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-interface-3.3.0-5.33.2
libvirt-daemon-driver-libxl-3.3.0-5.33.2
libvirt-daemon-driver-lxc-3.3.0-5.33.2
libvirt-daemon-driver-network-3.3.0-5.33.2
libvirt-daemon-driver-nodedev-3.3.0-5.33.2
libvirt-daemon-driver-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-qemu-3.3.0-5.33.2
libvirt-daemon-driver-secret-3.3.0-5.33.2
libvirt-daemon-driver-storage-3.3.0-5.33.2
libvirt-daemon-driver-storage-core-3.3.0-5.33.2
libvirt-daemon-driver-storage-disk-3.3.0-5.33.2
libvirt-daemon-driver-storage-iscsi-3.3.0-5.33.2
libvirt-daemon-driver-storage-logical-3.3.0-5.33.2
libvirt-daemon-driver-storage-mpath-3.3.0-5.33.2
libvirt-daemon-driver-storage-rbd-3.3.0-5.33.2
libvirt-daemon-driver-storage-scsi-3.3.0-5.33.2
libvirt-daemon-hooks-3.3.0-5.33.2
libvirt-daemon-lxc-3.3.0-5.33.2
libvirt-daemon-qemu-3.3.0-5.33.2
libvirt-daemon-xen-3.3.0-5.33.2
libvirt-doc-3.3.0-5.33.2
libvirt-libs-3.3.0-5.33.2
libvirt-lock-sanlock-3.3.0-5.33.2
libvirt-nss-3.3.0-5.33.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libvirt-3.3.0-5.33.2
libvirt-admin-3.3.0-5.33.2
libvirt-client-3.3.0-5.33.2
libvirt-daemon-3.3.0-5.33.2
libvirt-daemon-config-network-3.3.0-5.33.2
libvirt-daemon-config-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-interface-3.3.0-5.33.2
libvirt-daemon-driver-libxl-3.3.0-5.33.2
libvirt-daemon-driver-lxc-3.3.0-5.33.2
libvirt-daemon-driver-network-3.3.0-5.33.2
libvirt-daemon-driver-nodedev-3.3.0-5.33.2
libvirt-daemon-driver-nwfilter-3.3.0-5.33.2
libvirt-daemon-driver-qemu-3.3.0-5.33.2
libvirt-daemon-driver-secret-3.3.0-5.33.2
libvirt-daemon-driver-storage-3.3.0-5.33.2
libvirt-daemon-driver-storage-core-3.3.0-5.33.2
libvirt-daemon-driver-storage-disk-3.3.0-5.33.2
libvirt-daemon-driver-storage-iscsi-3.3.0-5.33.2
libvirt-daemon-driver-storage-logical-3.3.0-5.33.2
libvirt-daemon-driver-storage-mpath-3.3.0-5.33.2
libvirt-daemon-driver-storage-rbd-3.3.0-5.33.2
libvirt-daemon-driver-storage-scsi-3.3.0-5.33.2
libvirt-daemon-hooks-3.3.0-5.33.2
libvirt-daemon-lxc-3.3.0-5.33.2
libvirt-daemon-qemu-3.3.0-5.33.2
libvirt-daemon-xen-3.3.0-5.33.2
libvirt-doc-3.3.0-5.33.2
libvirt-libs-3.3.0-5.33.2
libvirt-lock-sanlock-3.3.0-5.33.2
libvirt-nss-3.3.0-5.33.2
SUSE Linux Enterprise Software Development Kit 12 SP3
libvirt-devel-3.3.0-5.33.2

Ссылки

Описание

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.33.2
Ссылки

Описание

Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.33.2
Ссылки

Описание

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.33.2
Ссылки

Описание

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.33.2
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.33.2
Ссылки
Уязвимость SUSE-SU-2019:1547-1