Описание
Security update for xen
This update for xen fixes the following issues:
Security issue fixed:
- CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 (bsc#1178591).
Non-security issues fixed:
- Updated to Xen 4.13.2 bug fix release (bsc#1027519).
- Fixed a panic during MSI cleanup on AMD hardware (bsc#1027519).
- Adjusted help for --max_iters, default is 5 (bsc#1177950).
Список пакетов
Container suse/sles/15.2/virt-launcher:0.38.1
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Azure-Basic
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Azure-Standard
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-BYOS-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-BYOS-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-CHOST-BYOS-Aliyun
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-CHOST-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-CHOST-BYOS-EC2
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-CHOST-BYOS-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-EC2-ECS-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-HPC-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-HPC-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-HPC-BYOS-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-BYOS-Azure
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-BYOS-GCE
xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-EC2-HVM
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
Image SLES15-SP2-SAP-GCE
xen-libs-4.13.2_02-3.16.2
SUSE Linux Enterprise Module for Basesystem 15 SP2
xen-libs-4.13.2_02-3.16.2
xen-tools-domU-4.13.2_02-3.16.2
SUSE Linux Enterprise Module for Server Applications 15 SP2
xen-4.13.2_02-3.16.2
xen-devel-4.13.2_02-3.16.2
xen-tools-4.13.2_02-3.16.2
xen-tools-xendomains-wait-disk-4.13.2_02-3.16.2
Ссылки
- Link for SUSE-SU-2020:3412-1
- E-Mail link for SUSE-SU-2020:3412-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1177950
- SUSE Bug 1178591
- SUSE CVE CVE-2020-28368 page
Описание
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Azure-Basic:xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-Azure-Standard:xen-libs-4.13.2_02-3.16.2
Image SLES15-SP2-BYOS-Azure:xen-libs-4.13.2_02-3.16.2
Ссылки
- CVE-2020-28368
- SUSE Bug 1178591
- SUSE Bug 1178658