Описание
Security update for xen
This update for xen fixes the following issues:
- bsc#1174543 - secure boot related fixes
- bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf() usages
Список пакетов
Image SLES12-SP4-EC2-HVM-BYOS
xen-libs-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
Image SLES12-SP4-SAP-EC2-HVM
xen-libs-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
xen-libs-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
SUSE Linux Enterprise Server 12 SP4-LTSS
xen-4.11.4_06-2.33.1
xen-doc-html-4.11.4_06-2.33.1
xen-libs-4.11.4_06-2.33.1
xen-libs-32bit-4.11.4_06-2.33.1
xen-tools-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
xen-4.11.4_06-2.33.1
xen-doc-html-4.11.4_06-2.33.1
xen-libs-4.11.4_06-2.33.1
xen-libs-32bit-4.11.4_06-2.33.1
xen-tools-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
SUSE OpenStack Cloud 9
xen-4.11.4_06-2.33.1
xen-doc-html-4.11.4_06-2.33.1
xen-libs-4.11.4_06-2.33.1
xen-libs-32bit-4.11.4_06-2.33.1
xen-tools-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
SUSE OpenStack Cloud Crowbar 9
xen-4.11.4_06-2.33.1
xen-doc-html-4.11.4_06-2.33.1
xen-libs-4.11.4_06-2.33.1
xen-libs-32bit-4.11.4_06-2.33.1
xen-tools-4.11.4_06-2.33.1
xen-tools-domU-4.11.4_06-2.33.1
Ссылки
- Link for SUSE-SU-2020:2141-1
- E-Mail link for SUSE-SU-2020:2141-1
- SUSE Security Ratings
- SUSE Bug 1163019
- SUSE Bug 1174543
- SUSE CVE CVE-2020-8608 page
Описание
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
Затронутые продукты
Image SLES12-SP4-EC2-HVM-BYOS:xen-libs-4.11.4_06-2.33.1
Image SLES12-SP4-EC2-HVM-BYOS:xen-tools-domU-4.11.4_06-2.33.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS:xen-libs-4.11.4_06-2.33.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS:xen-tools-domU-4.11.4_06-2.33.1
Ссылки
- CVE-2020-8608
- SUSE Bug 1163018
- SUSE Bug 1163019