Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:3742-1

Опубликовано: 10 дек. 2020
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • bsc#1178963 - stack corruption from XSA-346 change (XSA-355)
  • bsc#1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries (XSA-286)
  • bsc#1177412 - CVE-2020-27672: Race condition in Xen mapping code (XSA-345)
  • bsc#1177413 - CVE-2020-27671: undue deferral of IOMMU TLB flushes (XSA-346)
  • bsc#1177414 - CVE-2020-27670: unsafe AMD IOMMU page table updates (XSA-347)
  • bsc#1178591 - CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack aka XSA-351

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL
xen-4.7.6_12-43.70.1
xen-doc-html-4.7.6_12-43.70.1
xen-libs-4.7.6_12-43.70.1
xen-libs-32bit-4.7.6_12-43.70.1
xen-tools-4.7.6_12-43.70.1
xen-tools-domU-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-LTSS
xen-4.7.6_12-43.70.1
xen-doc-html-4.7.6_12-43.70.1
xen-libs-4.7.6_12-43.70.1
xen-libs-32bit-4.7.6_12-43.70.1
xen-tools-4.7.6_12-43.70.1
xen-tools-domU-4.7.6_12-43.70.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
xen-4.7.6_12-43.70.1
xen-doc-html-4.7.6_12-43.70.1
xen-libs-4.7.6_12-43.70.1
xen-libs-32bit-4.7.6_12-43.70.1
xen-tools-4.7.6_12-43.70.1
xen-tools-domU-4.7.6_12-43.70.1
SUSE OpenStack Cloud 7
xen-4.7.6_12-43.70.1
xen-doc-html-4.7.6_12-43.70.1
xen-libs-4.7.6_12-43.70.1
xen-libs-32bit-4.7.6_12-43.70.1
xen-tools-4.7.6_12-43.70.1
xen-tools-domU-4.7.6_12-43.70.1

Ссылки

Описание

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xen-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-doc-html-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-32bit-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-4.7.6_12-43.70.1
Ссылки

Описание

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xen-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-doc-html-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-32bit-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-4.7.6_12-43.70.1
Ссылки

Описание

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xen-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-doc-html-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-32bit-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-4.7.6_12-43.70.1
Ссылки

Описание

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xen-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-doc-html-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-32bit-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-4.7.6_12-43.70.1
Ссылки

Описание

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xen-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-doc-html-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-32bit-4.7.6_12-43.70.1
SUSE Linux Enterprise Server 12 SP2-BCL:xen-libs-4.7.6_12-43.70.1
Ссылки