Oval Definition:oval:org.opensuse.security:def:4833
Revision Date:2020-12-02Version:1
Title:Security update for libvirt (Important)
Description:



This update for libvirt fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the libvirt adjustments, that pass through the new 'md-clear' CPU flag (bsc#1135273).

For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736

Security issues fixed:

- CVE-2019-10132: Reject clients unless their UID matches the server UID (bsc#1134348)

Non security issues fixed:

- delay global firewall setup if no networks are running (bsc#1133229) - add systemd-container dependency to qemu and lxc drivers (bsc#1136109)

Family:unixClass:patch
Status:Reference(s):1046540
1047238
1050319
1050536
1050540
1050911
1051510
1054914
1055117
1055120
1056686
1060662
1061840
1061843
1062631
1064597
1064701
1065600
1065729
1066369
1066674
1067126
1067906
1071009
1071306
1076830
1078248
1079524
1079730
1082555
1082635
1083647
1084760
1084831
1085030
1085536
1085539
1086103
1086283
1086288
1087092
1090734
1091171
1093205
1094825
1095805
1098403
1099125
1100132
1102097
1102881
1103308
1103543
1103990
1104353
1104427
1104731
1104745
1104902
1105025
1105536
1106061
1106105
1106110
1106237
1106240
1106284
1106434
1106838
1107685
1108241
1108377
1108382
1108468
1108828
1108841
1108870
1109151
1109158
1109217
1109330
1109739
1109784
1109806
1109818
1109837
1109907
1109911
1109915
1109919
1109951
1110006
1110096
1110538
1110561
1110921
1111025
1111028
1111076
1111331
1111506
1111666
1111806
1111819
1111830
1111834
1111841
1111870
1111901
1111904
1111928
1111983
1112170
1112173
1112178
1112208
1112219
1112221
1112246
1112372
1112374
1112514
1112554
1112708
1112710
1112711
1112712
1112713
1112731
1112732
1112733
1112734
1112735
1112736
1112738
1112739
1112740
1112741
1112743
1112745
1112746
1112894
1112899
1112902
1112903
1112905
1112906
1112907
1113257
1113284
1113722
1113994
1114279
1114542
1117665
1118689
1119086
1119113
1119991
1120046
1120876
1120902
1123105
1123959
1124370
1129424
1129519
1129664
1131107
1131281
1131489
1131565
1133021
1133229
1134291
1134348
1134476
1134881
1134882
1135219
1135273
1135642
1135897
1135990
1136039
1136109
1136261
1136346
1136349
1136352
1136496
1136498
1136502
1136682
1137322
1137323
1137884
1138099
1138100
1138539
1139020
1139021
1139101
1139500
1140012
1140426
1140487
1141340
1141450
1141543
1141554
1142019
1142076
1142109
1142117
1142118
1142119
1142496
1142541
1142635
1142685
1142701
1142857
1143300
1143331
1143466
1143706
1143738
1143765
1143794
1143841
1143843
1143962
1144087
1144123
1144333
1144375
1144474
1144518
1144582
1144718
1144813
1144880
1144886
1144912
1144920
1144979
1145010
1145018
1145051
1145059
1145189
1145235
1145256
1145300
1145302
1145357
1145379
1145388
1145389
1145390
1145391
1145392
1145393
1145394
1145395
1145396
1145397
1145408
1145409
1145427
1145436
1145446
1145661
1145678
1145687
1145774
1145920
1145922
1145934
1145937
1145940
1145941
1145942
1145946
1146025
1146074
1146084
1146141
1146163
1146215
1146285
1146346
1146351
1146352
1146361
1146368
1146376
1146378
1146381
1146391
1146399
1146413
1146425
1146516
1146519
1146524
1146526
1146529
1146531
1146543
1146547
1146550
1146575
1146589
1146678
1146873
1146938
1148031
1148032
1148033
1148034
1148035
1148093
1148133
1148192
1148196
1148198
1148202
1148219
1148297
1148303
1148308
1148363
1148379
1148394
1148527
1148570
1148574
1148616
1148617
1148619
1148698
1148859
1148868
1149053
1149083
1149104
1149105
1149106
1149197
1149214
1149224
1149325
1149376
1149413
1149418
1149424
1149522
1149527
1149539
1149552
1149591
1149602
1149612
1149626
1149652
1149713
1149811
1149940
1149976
1150025
1150033
1150112
1150562
1150727
1150860
1150861
1150933
1152506
1157627
1160968
1162972
1165849
1171186
1172053
1172189
1172760
1172795
1172796
1172798
1172846
1173972
1174753
1174817
1175070
1175071
1175074
1175155
1175168
1175568
1176343
1176344
1176345
1176346
1176347
1176348
1176349
1176350
CVE-2004-0801
CVE-2010-4000
CVE-2010-4267
CVE-2011-2697
CVE-2011-2722
CVE-2012-0035
CVE-2013-4325
CVE-2013-6402
CVE-2013-6427
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2017-16533
CVE-2017-18224
CVE-2017-18551
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-12207
CVE-2018-18386
CVE-2018-18445
CVE-2018-20126
CVE-2018-20976
CVE-2018-21008
CVE-2019-10132
CVE-2019-10207
CVE-2019-11091
CVE-2019-11135
CVE-2019-12068
CVE-2019-14378
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14835
CVE-2019-15030
CVE-2019-15031
CVE-2019-15090
CVE-2019-15098
CVE-2019-15099
CVE-2019-15117
CVE-2019-15118
CVE-2019-15211
CVE-2019-15212
CVE-2019-15214
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15222
CVE-2019-15239
CVE-2019-15290
CVE-2019-15292
CVE-2019-15538
CVE-2019-15666
CVE-2019-15890
CVE-2019-15902
CVE-2019-15917
CVE-2019-15919
CVE-2019-15920
CVE-2019-15921
CVE-2019-15924
CVE-2019-15926
CVE-2019-15927
CVE-2019-4732
CVE-2019-9456
CVE-2020-11984
CVE-2020-11993
CVE-2020-12387
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-12397
CVE-2020-12802
CVE-2020-12803
CVE-2020-13844
CVE-2020-17489
CVE-2020-25595
CVE-2020-25596
CVE-2020-25597
CVE-2020-25599
CVE-2020-25600
CVE-2020-25601
CVE-2020-25603
CVE-2020-25604
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
CVE-2020-6831
CVE-2020-8027
CVE-2020-9490
SUSE-SU-2018:3589-1
SUSE-SU-2019:1490-1
SUSE-SU-2019:2424-1
SUSE-SU-2019:2955-1
SUSE-SU-2020:0466-1
SUSE-SU-2020:1225-1
SUSE-SU-2020:2217-1
SUSE-SU-2020:2344-1
SUSE-SU-2020:2712-2
SUSE-SU-2020:2789-1
SUSE-SU-2020:2947-1
SUSE-SU-2020:3132-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 5
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND inst-source-utils-2012.9.13-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • emacs-24.3-14 is installed
  • OR emacs-info-24.3-14 is installed
  • OR emacs-x11-24.3-14 is installed
  • OR etags-24.3-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND bogofilter-1.2.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND bogofilter-1.2.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-38.8 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND python-PyYAML-3.10-15.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP1 is installed
  • AND Package Information
  • libpcreposix0-8.39-5.1 is installed
  • OR pcre-8.39-5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • libpacemaker3-1.1.15-19 is installed
  • OR pacemaker-1.1.15-19 is installed
  • OR pacemaker-cli-1.1.15-19 is installed
  • OR pacemaker-cts-1.1.15-19 is installed
  • OR pacemaker-remote-1.1.15-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND conntrack-tools-1.4.2-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND fence-agents-4.4.0+git.1558595666.5f79f9e9-3.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • bluez-5.13-5.12 is installed
  • OR libbluetooth3-5.13-5.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_38-44-default-1-2.2 is installed
  • OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed
  • OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • libvirt-5.1.0-8.3 is installed
  • OR libvirt-admin-5.1.0-8.3 is installed
  • OR libvirt-bash-completion-5.1.0-8.3 is installed
  • OR libvirt-client-5.1.0-8.3 is installed
  • OR libvirt-daemon-5.1.0-8.3 is installed
  • OR libvirt-daemon-config-network-5.1.0-8.3 is installed
  • OR libvirt-daemon-config-nwfilter-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-interface-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-libxl-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-lxc-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-network-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-nodedev-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-nwfilter-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-qemu-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-secret-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-core-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-disk-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-iscsi-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-logical-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-mpath-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-rbd-5.1.0-8.3 is installed
  • OR libvirt-daemon-driver-storage-scsi-5.1.0-8.3 is installed
  • OR libvirt-daemon-hooks-5.1.0-8.3 is installed
  • OR libvirt-daemon-lxc-5.1.0-8.3 is installed
  • OR libvirt-daemon-qemu-5.1.0-8.3 is installed
  • OR libvirt-daemon-xen-5.1.0-8.3 is installed
  • OR libvirt-devel-5.1.0-8.3 is installed
  • OR libvirt-doc-5.1.0-8.3 is installed
  • OR libvirt-lock-sanlock-5.1.0-8.3 is installed
  • OR libvirt-nss-5.1.0-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND krb5-doc-1.6.3-133.21 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND foomatic-filters-3.0.2-269.39.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND foomatic-filters-3.0.2-269.39.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • OpenEXR-1.6.1-83.17.1 is installed
  • OR OpenEXR-32bit-1.6.1-83.17.1 is installed
  • OR OpenEXR-x86-1.6.1-83.17.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • libopenssl1_0_0-1.0.1i-9.3 is installed
  • OR libopenssl1_0_0-32bit-1.0.1i-9.3 is installed
  • OR libopenssl1_0_0-hmac-1.0.1i-9.3 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.1i-9.3 is installed
  • OR openssl-1.0.1i-9.3 is installed
  • OR openssl-doc-1.0.1i-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • mozilla-nspr-4.10.10-9 is installed
  • OR mozilla-nspr-32bit-4.10.10-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_60-52_49-default-2-2.2 is installed
  • OR kgraft-patch-3_12_60-52_49-xen-2-2.2 is installed
  • OR kgraft-patch-SLE12_Update_14-2-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • libmysqlclient18-10.0.28-17 is installed
  • OR mariadb-10.0.28-17 is installed
  • OR mariadb-client-10.0.28-17 is installed
  • OR mariadb-errormessages-10.0.28-17 is installed
  • OR mariadb-tools-10.0.28-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • apache2-2.4.33-3.33 is installed
  • OR apache2-devel-2.4.33-3.33 is installed
  • OR apache2-doc-2.4.33-3.33 is installed
  • OR apache2-prefork-2.4.33-3.33 is installed
  • OR apache2-utils-2.4.33-3.33 is installed
  • OR apache2-worker-2.4.33-3.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.6.0esr-31.3 is installed
  • OR MozillaFirefox-devel-38.6.0esr-31.3 is installed
  • OR mozilla-nss-3.20.2-25.2 is installed
  • OR mozilla-nss-devel-3.20.2-25.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • gd-2.0.36.RC1-52.25.1 is installed
  • OR gd-devel-2.0.36.RC1-52.25.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND liblcms-devel-1.19-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND aaa_base-malloccheck-13.2+git20140911.61c1681-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND apache2-devel-2.4.23-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.25 is installed
  • OR kernel-default-extra-4.12.14-25.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.18 is installed
  • OR kernel-default-extra-4.12.14-197.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • gnome-shell-3.34.5-3.13 is installed
  • OR gnome-shell-calendar-3.34.5-3.13 is installed
    • BACK