Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:1487-1

Опубликовано: 01 июн. 2018
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

Security issues fixed:

  • CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1092631)

    This feature can be controlled by the 'ssbd=on/off' commandline flag for the XEN hypervisor.

  • CVE-2018-10982: x86 vHPET interrupt injection errors (XSA-261 bsc#1090822)

  • CVE-2018-10981: qemu may drive Xen into unbounded loop (XSA-262 bsc#1090823)

Other bugfixes:

  • Upstream patches from Jan (bsc#1027519)
  • additional fixes related to Page Table Isolation (XPTI). (bsc#1074562 XSA-254)
  • qemu-system-i386 cannot handle more than 4 HW NICs (bsc#1090296)

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Список пакетов

openSUSE Leap 42.3
xen-4.9.2_06-22.1
xen-devel-4.9.2_06-22.1
xen-doc-html-4.9.2_06-22.1
xen-libs-4.9.2_06-22.1
xen-tools-4.9.2_06-22.1
xen-tools-domU-4.9.2_06-22.1

Ссылки

Описание

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

Затронутые продукты
openSUSE Leap 42.3:xen-4.9.2_06-22.1
openSUSE Leap 42.3:xen-devel-4.9.2_06-22.1
openSUSE Leap 42.3:xen-doc-html-4.9.2_06-22.1
openSUSE Leap 42.3:xen-libs-4.9.2_06-22.1
Ссылки

Описание

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.

Затронутые продукты
openSUSE Leap 42.3:xen-4.9.2_06-22.1
openSUSE Leap 42.3:xen-devel-4.9.2_06-22.1
openSUSE Leap 42.3:xen-doc-html-4.9.2_06-22.1
openSUSE Leap 42.3:xen-libs-4.9.2_06-22.1
Ссылки

Описание

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Затронутые продукты
openSUSE Leap 42.3:xen-4.9.2_06-22.1
openSUSE Leap 42.3:xen-devel-4.9.2_06-22.1
openSUSE Leap 42.3:xen-doc-html-4.9.2_06-22.1
openSUSE Leap 42.3:xen-libs-4.9.2_06-22.1
Ссылки