Описание
Security update for xen
This update for xen to version 4.11.4 fixes the following issues:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1172205).
Список пакетов
Image SLES12-SP4-EC2-HVM-BYOS
xen-libs-4.11.4_02-2.26.1
xen-tools-domU-4.11.4_02-2.26.1
Image SLES12-SP4-SAP-EC2-HVM
xen-libs-4.11.4_02-2.26.1
xen-tools-domU-4.11.4_02-2.26.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
xen-libs-4.11.4_02-2.26.1
xen-tools-domU-4.11.4_02-2.26.1
SUSE Linux Enterprise Server 12 SP4
xen-4.11.4_02-2.26.1
xen-doc-html-4.11.4_02-2.26.1
xen-libs-4.11.4_02-2.26.1
xen-libs-32bit-4.11.4_02-2.26.1
xen-tools-4.11.4_02-2.26.1
xen-tools-domU-4.11.4_02-2.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
xen-4.11.4_02-2.26.1
xen-doc-html-4.11.4_02-2.26.1
xen-libs-4.11.4_02-2.26.1
xen-libs-32bit-4.11.4_02-2.26.1
xen-tools-4.11.4_02-2.26.1
xen-tools-domU-4.11.4_02-2.26.1
SUSE Linux Enterprise Software Development Kit 12 SP4
xen-devel-4.11.4_02-2.26.1
Ссылки
- Link for SUSE-SU-2020:1632-1
- E-Mail link for SUSE-SU-2020:1632-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1172205
- SUSE CVE CVE-2020-0543 page
Описание
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES12-SP4-EC2-HVM-BYOS:xen-libs-4.11.4_02-2.26.1
Image SLES12-SP4-EC2-HVM-BYOS:xen-tools-domU-4.11.4_02-2.26.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS:xen-libs-4.11.4_02-2.26.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS:xen-tools-domU-4.11.4_02-2.26.1
Ссылки
- CVE-2020-0543
- SUSE Bug 1154824
- SUSE Bug 1172205
- SUSE Bug 1172206
- SUSE Bug 1172207
- SUSE Bug 1172770
- SUSE Bug 1178658
- SUSE Bug 1201877