Oval Definition:	oval:org.opensuse.security:def:4750
Revision Date: 2020-12-02 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bsc#1091107, bsc#1027519). - Incorrect MSR_DEBUGCTL handling let guests enable BTS allowing a malicious or buggy guest administrator can lock up the entire host (bsc#1103276) Family: unix Class: patch Status: Reference(s): 1012382 1027519 1037697 1046299 1046300 1046302 1046303 1046305 1046306 1046307 1046533 1046543 1050242 1050536 1050538 1050540 1050549 1051510 1052904 1053043 1054245 1055117 1055121 1056651 1056787 1058169 1058659 1060463 1061840 1065600 1065729 1068032 1070872 1075087 1075360 1077338 1077761 1077989 1079730 1082555 1083647 1085042 1085535 1085536 1085539 1086301 1086313 1086314 1086324 1086457 1087092 1087202 1087217 1087233 1088804 1090098 1090888 1091041 1091107 1091171 1093148 1093666 1094119 1094244 1096330 1097583 1097584 1097585 1097586 1097587 1097588 1098403 1098633 1099193 1100132 1100884 1101143 1101337 1101352 1101564 1101669 1101674 1101789 1101813 1101816 1102088 1102097 1102147 1102340 1102512 1102851 1103216 1103220 1103230 1103259 1103276 1103421 1111025 1111331 1112128 1112178 1113399 1113722 1114279 1114542 1114638 1119086 1119680 1120067 1120095 1120318 1120902 1122767 1123105 1125342 1126221 1126356 1126704 1126740 1127175 1127371 1127372 1127374 1127378 1127445 1128415 1128544 1129276 1129770 1130130 1130154 1130195 1130335 1130336 1130337 1130338 1130425 1130427 1130518 1130527 1130567 1131062 1131107 1131167 1131168 1131169 1131170 1131171 1131172 1131173 1131174 1131175 1131176 1131177 1131178 1131179 1131180 1131290 1131335 1131336 1131416 1131427 1131442 1131467 1131574 1131587 1131659 1131673 1131847 1131848 1131851 1131900 1131934 1131935 1132083 1132219 1132226 1132227 1132365 1132368 1132369 1132370 1132372 1132373 1132384 1132397 1132402 1132403 1132404 1132405 1132407 1132411 1132412 1132413 1132414 1132426 1132527 1132531 1132555 1132558 1132561 1132562 1132563 1132564 1132570 1132571 1132572 1132589 1132618 1132681 1132726 1132828 1132943 1133005 1133094 1133095 1133115 1133149 1133486 1133529 1133584 1133667 1133668 1133672 1133674 1133675 1133698 1133702 1133731 1133769 1133772 1133774 1133778 1133779 1133780 1133825 1133850 1133851 1133852 1140868 1152692 1155327 1157268 1159329 1161719 1163809 1166881 1168345 1169679 1169748 1169851 1170643 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1171889 1173247 1173605 1174200 1174662 1175686 1176410 1177143 CVE-2017-18344 CVE-2018-12126 CVE-2018-12126 CVE-2018-12127 CVE-2018-12127 CVE-2018-12130 CVE-2018-12130 CVE-2018-16880 CVE-2018-3646 CVE-2018-5390 CVE-2019-11091 CVE-2019-11091 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-18934 CVE-2019-3882 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9003 CVE-2019-9500 CVE-2019-9503 CVE-2019-9811 CVE-2020-10704 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11501 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-12662 CVE-2020-12663 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-15663 CVE-2020-15664 CVE-2020-15669 CVE-2020-25219 CVE-2020-26154 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3899 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2018:2223-1 SUSE-SU-2018:2409-1 SUSE-SU-2019:1248-1 SUSE-SU-2019:1960-1 SUSE-SU-2020:0468-1 SUSE-SU-2020:0948-1 SUSE-SU-2020:1132-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1819-1 SUSE-SU-2020:2068-1 SUSE-SU-2020:2198-1 SUSE-SU-2020:2552-1 SUSE-SU-2020:2901-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information python-keystoneclient-1.0.0-16.1 is installed OR python-keystoneclient-doc-1.0.0-16.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed OR libMagickWand-6_Q16-1-6.8.8.1-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpcreposix0-8.39-5.1 is installed OR pcre-8.39-5.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND haproxy-1.6.11-10 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_32-33-default-2-3.1 is installed OR kgraft-patch-3_12_32-33-xen-2-3.1 is installed OR kgraft-patch-3_12_36-38-default-2-3.1 is installed OR kgraft-patch-3_12_36-38-xen-2-3.1 is installed OR kgraft-patch-SLE12_Update_1-2-3.1 is installed OR kgraft-patch-SLE12_Update_2-2-3.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information xen-4.10.1_08-3.6 is installed OR xen-devel-4.10.1_08-3.6 is installed OR xen-tools-4.10.1_08-3.6 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND xorg-x11-libXt-7.4-1.19.1 is installed OR xorg-x11-libXt-32bit-7.4-1.19.1 is installed OR xorg-x11-libXt-x86-7.4-1.19.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND xorg-x11-libXt-7.4-1.19.1 is installed OR xorg-x11-libXt-32bit-7.4-1.19.1 is installed OR xorg-x11-libXt-x86-7.4-1.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND cron-4.1-194.199.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information bind-9.6ESVR7P4-0.10.1 is installed OR bind-chrootenv-9.6ESVR7P4-0.10.1 is installed OR bind-doc-9.6ESVR7P4-0.10.1 is installed OR bind-libs-9.6ESVR7P4-0.10.1 is installed OR bind-libs-32bit-9.6ESVR7P4-0.10.1 is installed OR bind-libs-x86-9.6ESVR7P4-0.10.1 is installed OR bind-utils-9.6ESVR7P4-0.10.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information cpio-2.11-29.1 is installed OR cpio-lang-2.11-29.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND libXxf86dga1-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_nss-1.0.14-19.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.26.4-3.43 is installed OR libwebkit2gtk-4_0-37-2.26.4-3.43 is installed OR libwebkit2gtk3-lang-2.26.4-3.43 is installed OR webkit2gtk-4_0-injected-bundles-2.26.4-3.43 is installed OR webkit2gtk3-2.26.4-3.43 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libdcerpc-binding0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-binding0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-samr-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc-samr0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libdcerpc0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-krb5pac0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-nbt0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr-standard0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libndr0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libnetapi0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-credentials0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-errors0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-hostconfig0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-passdb0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-policy-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-policy0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamba-util0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsamdb0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbclient0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbconf0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap2-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libsmbldap2-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libtevent-util0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient0-4.7.11+git.231.7f324c4d89e-4.40 is installed OR libwbclient0-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-client-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-client-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-core-devel-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-libs-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-libs-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-winbind-4.7.11+git.231.7f324c4d89e-4.40 is installed OR samba-winbind-32bit-4.7.11+git.231.7f324c4d89e-4.40 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information git-1.7.12.4-0.11.2 is installed OR git-arch-1.7.12.4-0.11.2 is installed OR git-core-1.7.12.4-0.11.2 is installed OR git-cvs-1.7.12.4-0.11.2 is installed OR git-daemon-1.7.12.4-0.11.2 is installed OR git-email-1.7.12.4-0.11.2 is installed OR git-gui-1.7.12.4-0.11.2 is installed OR git-svn-1.7.12.4-0.11.2 is installed OR git-web-1.7.12.4-0.11.2 is installed OR gitk-1.7.12.4-0.11.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-mail-2_4-2.4.4-0.10.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information bash-devel-4.2-75 is installed OR readline-devel-6.2-75 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND MozillaFirefox-devel-38.4.0esr-51 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND freetype2-devel-2.6.3-7.8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.6 is installed OR kernel-default-extra-4.12.14-25.6 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.8.0-3.46 is installed OR MozillaThunderbird-translations-common-60.8.0-3.46 is installed OR MozillaThunderbird-translations-other-60.8.0-3.46 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information freerdp-2.1.2-15.7 is installed OR freerdp-devel-2.1.2-15.7 is installed OR libfreerdp2-2.1.2-15.7 is installed OR libwinpr2-2.1.2-15.7 is installed OR winpr2-devel-2.1.2-15.7 is installed
BACK