Description
Security update for xen
This update for xen fixes the following issues:
- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change (XSA-355)
Package list
Container suse/sles/15.2/virt-launcher:0.38.1
Image SLES15-SP2-Azure-Basic
Image SLES15-SP2-Azure-Standard
Image SLES15-SP2-BYOS-Azure
Image SLES15-SP2-BYOS-EC2-HVM
Image SLES15-SP2-BYOS-GCE
Image SLES15-SP2-CHOST-BYOS-Aliyun
Image SLES15-SP2-CHOST-BYOS-Azure
Image SLES15-SP2-CHOST-BYOS-EC2
Image SLES15-SP2-CHOST-BYOS-GCE
Image SLES15-SP2-EC2-ECS-HVM
Image SLES15-SP2-EC2-HVM
Image SLES15-SP2-GCE
Image SLES15-SP2-HPC-Azure
Image SLES15-SP2-HPC-BYOS-Azure
Image SLES15-SP2-HPC-BYOS-EC2-HVM
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
Image SLES15-SP2-SAP-Azure
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP2-SAP-BYOS-Azure
Image SLES15-SP2-SAP-BYOS-EC2-HVM
Image SLES15-SP2-SAP-BYOS-GCE
Image SLES15-SP2-SAP-EC2-HVM
Image SLES15-SP2-SAP-GCE
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
References
- Link for SUSE-SU-2020:3615-1
- E-Mail link for SUSE-SU-2020:3615-1
- SUSE Security Ratings
- SUSE Bug 1177409
- SUSE Bug 1177412
- SUSE Bug 1177413
- SUSE Bug 1177414
- SUSE Bug 1178591
- SUSE Bug 1178963
- SUSE CVE CVE-2020-27670 page
- SUSE CVE CVE-2020-27671 page
- SUSE CVE CVE-2020-27672 page
- SUSE CVE CVE-2020-27674 page
- SUSE CVE CVE-2020-28368 page
Description
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
Affected products
References
- CVE-2020-27670
- SUSE Bug 1177414
- SUSE Bug 1178658
- SUSE Bug 1183925
Description
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
Affected products
References
- CVE-2020-27671
- SUSE Bug 1177413
- SUSE Bug 1183925
Description
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.
Affected products
References
- CVE-2020-27672
- SUSE Bug 1177412
- SUSE Bug 1178658
- SUSE Bug 1183925
Description
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
Affected products
References
- CVE-2020-27674
- SUSE Bug 1177409
- SUSE Bug 1178658
Description
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Affected products
References
- CVE-2020-28368
- SUSE Bug 1178591
- SUSE Bug 1178658