| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for xen (Important) |
| Description: |
This update for xen fixes the following issues:
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. (bsc#1155945) - CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack. (bsc#1152497). - CVE-2019-18425: 32-bit PV guest user mode could elevate its privileges to that of the guest kernel. (bsc#1154456). - CVE-2019-18421: A malicious PV guest administrator may have been able to escalate their privilege to that of the host. (bsc#1154458). - CVE-2019-18420: Malicious x86 PV guests may have caused a hypervisor crash, resulting in a Denial of Service (Dos). (bsc#1154448)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1027282
1027519
1041090
1042670
1051510
1065729
1068664
1071995
1073269
1073748
1078326
1078485
1079300
1081750
1083507
1084650
1085030
1086001
1088004
1088009
1089524
1103320
1109847
1111666
1111793
1112178
1113755
1113956
1114279
1115015
1115022
1115025
1115375
1117001
1117260
1119947
1120489
1122191
1125601
1129346
1130245
1130840
1130847
1134078
1134452
1134506
1134697
1136572
1137815
1138459
1140461
1141780
1141781
1141782
1141783
1141784
1141785
1141787
1141788
1141789
1141853
1144333
1144502
1145579
1145580
1145582
1145774
1148868
1149792
1149955
1150660
1151850
1151927
1152107
1152497
1152624
1152649
1153238
1153830
1154036
1154037
1154093
1154448
1154456
1154458
1154461
1155200
1155945
1157490
1158983
1159035
1159058
1160932
1161016
1161883
1162002
1162063
1162160
1162689
1162691
1163309
1165206
1166985
1167007
1167104
1167152
1167373
1168081
1168140
1168142
1168143
1168683
1168959
1169194
1169392
1169514
1169659
1169771
1169795
1170011
1170313
1170442
1170592
1170617
1170618
1170765
1171124
1171424
1171529
1171530
1171558
1171732
1171739
1171743
1171746
1171753
1171759
1171835
1171841
1171868
1171904
1172140
1172247
1172257
1172344
1172437
1172458
1172484
1172537
1172538
1172687
1172719
1172726
1172759
1172775
1172781
1172782
1172783
1172871
1172872
1172999
1173060
1173074
1173146
1173265
1173280
1173284
1173428
1173514
1173567
1173573
1173659
1173746
1173758
1173818
1173820
1173825
1173826
1173833
1173838
1173839
1173845
1173857
1174113
1174115
1174122
1174123
1174186
1174187
1174296
1174343
1174356
1174409
1174438
1174462
1174543
214983
298378
346490
367853
379534
380942
399190
406051
425138
426563
430761
432677
436966
437293
441088
462375
525295
534721
551715
572673
577032
581765
603255
617751
637176
638233
658604
673071
682554
697251
707667
718009
747125
747794
751718
754447
766778
794139
804978
827982
831442
834601
836739
856835
856836
857470
863741
885882
898572
901715
935856
945401
964182
984751
985177
985348
989523
997436
CVE-2007-2052
CVE-2008-1721
CVE-2008-2315
CVE-2008-2316
CVE-2008-3142
CVE-2008-3143
CVE-2008-3144
CVE-2011-1521
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2013-1752
CVE-2013-1753
CVE-2013-4238
CVE-2014-1912
CVE-2014-4650
CVE-2014-7185
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2017-1000158
CVE-2017-18207
CVE-2018-1000030
CVE-2018-1000199
CVE-2018-1000802
CVE-2018-1060
CVE-2018-1061
CVE-2018-12207
CVE-2018-14647
CVE-2018-16843
CVE-2018-16844
CVE-2018-16845
CVE-2018-16884
CVE-2018-19416
CVE-2018-19517
CVE-2018-20217
CVE-2018-20852
CVE-2019-10160
CVE-2019-11135
CVE-2019-12435
CVE-2019-12519
CVE-2019-12521
CVE-2019-12528
CVE-2019-15666
CVE-2019-16056
CVE-2019-16746
CVE-2019-16935
CVE-2019-17594
CVE-2019-17595
CVE-2019-18420
CVE-2019-18421
CVE-2019-18424
CVE-2019-18425
CVE-2019-18860
CVE-2019-20810
CVE-2019-20908
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2818
CVE-2019-2821
CVE-2019-5010
CVE-2019-6470
CVE-2019-7317
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
CVE-2019-9636
CVE-2019-9947
CVE-2019-9948
CVE-2020-0305
CVE-2020-10703
CVE-2020-10757
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10769
CVE-2020-10773
CVE-2020-10781
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
CVE-2020-11945
CVE-2020-12430
CVE-2020-12771
CVE-2020-12888
CVE-2020-13233
CVE-2020-13962
CVE-2020-13974
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2020-8517
SUSE-SU-2019:0806-1
SUSE-SU-2019:1574-1
SUSE-SU-2019:2002-1
SUSE-SU-2019:2309-1
SUSE-SU-2019:2657-1
SUSE-SU-2019:2960-1
SUSE-SU-2019:2997-1
SUSE-SU-2020:0234-1
SUSE-SU-2020:1124-1
SUSE-SU-2020:1156-1
SUSE-SU-2020:1208-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information
gtk2-2.18.9-0.39 is installed
OR gtk2-32bit-2.18.9-0.39 is installed
OR gtk2-lang-2.18.9-0.39 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP4 is installed
AND cabextract-1.2-2.12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
bash-4.2-75 is installed
OR bash-doc-4.2-75 is installed
OR bash-lang-4.2-75 is installed
OR libreadline6-6.2-75 is installed
OR libreadline6-32bit-6.2-75 is installed
OR readline-doc-6.2-75 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
fuse-2.9.3-5 is installed
OR libfuse2-2.9.3-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
ecryptfs-utils-103-7 is installed
OR ecryptfs-utils-32bit-103-7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
cyrus-sasl-2.1.26-7 is installed
OR cyrus-sasl-32bit-2.1.26-7 is installed
OR cyrus-sasl-crammd5-2.1.26-7 is installed
OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
OR cyrus-sasl-digestmd5-2.1.26-7 is installed
OR cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
OR cyrus-sasl-gssapi-2.1.26-7 is installed
OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
OR cyrus-sasl-plain-2.1.26-7 is installed
OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
OR cyrus-sasl-saslauthd-2.1.26-7 is installed
OR libsasl2-3-2.1.26-7 is installed
OR libsasl2-3-32bit-2.1.26-7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libXp6-1.0.2-3 is installed
OR libXp6-32bit-1.0.2-3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 is installed
AND Package Information
xen-4.10.4_06-3.25 is installed
OR xen-libs-4.10.4_06-3.25 is installed
OR xen-tools-domU-4.10.4_06-3.25 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
AND Package Information
libncurses5-6.1-5.6 is installed
OR libncurses5-32bit-6.1-5.6 is installed
OR ncurses-6.1-5.6 is installed
OR ncurses5-devel-6.1-5.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-25_22-default-3-2 is installed
OR kernel-livepatch-SLE15_Update_6-3-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
AND Package Information
kernel-livepatch-4_12_14-195-default-12-34 is installed
OR kernel-livepatch-SLE15-SP1_Update_0-12-34 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
AND Package Information
krb5-mini-1.15.2-6.3 is installed
OR krb5-mini-devel-1.15.2-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND Package Information
ctdb-pcp-pmda-4.9.5+git.176.375e1f05788-3.6 is installed
OR ctdb-tests-4.9.5+git.176.375e1f05788-3.6 is installed
OR libdcerpc-samr0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR libsamba-policy-python-devel-4.9.5+git.176.375e1f05788-3.6 is installed
OR libsamba-policy0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR libsamba-policy0-python3-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR libsmbclient0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-ad-dc-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-ceph-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-client-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-doc-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-libs-python-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-libs-python3-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
OR samba-test-4.9.5+git.176.375e1f05788-3.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
AND Package Information
libQt5Bootstrap-devel-static-5.12.7-4.3 is installed
OR libQt5Bootstrap-devel-static-32bit-5.12.7-4.3 is installed
OR libQt5Concurrent-devel-32bit-5.12.7-4.3 is installed
OR libQt5Concurrent5-32bit-5.12.7-4.3 is installed
OR libQt5Core-devel-32bit-5.12.7-4.3 is installed
OR libQt5Core5-32bit-5.12.7-4.3 is installed
OR libQt5DBus-devel-32bit-5.12.7-4.3 is installed
OR libQt5DBus5-32bit-5.12.7-4.3 is installed
OR libQt5Gui-devel-32bit-5.12.7-4.3 is installed
OR libQt5Gui5-32bit-5.12.7-4.3 is installed
OR libQt5Network-devel-32bit-5.12.7-4.3 is installed
OR libQt5Network5-32bit-5.12.7-4.3 is installed
OR libQt5OpenGL-devel-32bit-5.12.7-4.3 is installed
OR libQt5OpenGL5-32bit-5.12.7-4.3 is installed
OR libQt5OpenGLExtensions-devel-static-32bit-5.12.7-4.3 is installed
OR libQt5PlatformSupport-devel-static-32bit-5.12.7-4.3 is installed
OR libQt5PrintSupport-devel-32bit-5.12.7-4.3 is installed
OR libQt5PrintSupport5-32bit-5.12.7-4.3 is installed
OR libQt5Sql-devel-32bit-5.12.7-4.3 is installed
OR libQt5Sql5-32bit-5.12.7-4.3 is installed
OR libQt5Sql5-mysql-32bit-5.12.7-4.3 is installed
OR libQt5Sql5-postgresql-32bit-5.12.7-4.3 is installed
OR libQt5Sql5-sqlite-32bit-5.12.7-4.3 is installed
OR libQt5Sql5-unixODBC-32bit-5.12.7-4.3 is installed
OR libQt5Test-devel-32bit-5.12.7-4.3 is installed
OR libQt5Test5-32bit-5.12.7-4.3 is installed
OR libQt5Widgets-devel-32bit-5.12.7-4.3 is installed
OR libQt5Widgets5-32bit-5.12.7-4.3 is installed
OR libQt5Xml-devel-32bit-5.12.7-4.3 is installed
OR libQt5Xml5-32bit-5.12.7-4.3 is installed
OR libqt5-qtbase-5.12.7-4.3 is installed
OR libqt5-qtbase-examples-5.12.7-4.3 is installed
OR libqt5-qtbase-examples-32bit-5.12.7-4.3 is installed
OR libqt5-qtbase-platformtheme-xdgdesktopportal-5.12.7-4.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
AND Package Information
python-2.7.17-7.32 is installed
OR python-base-2.7.17-7.32 is installed
OR python-curses-2.7.17-7.32 is installed
OR python-devel-2.7.17-7.32 is installed
OR python-gdbm-2.7.17-7.32 is installed
OR python-xml-2.7.17-7.32 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
AND Package Information
nginx-1.14.2-6.3 is installed
OR nginx-source-1.14.2-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1 is installed
AND shim-0.9-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kgraft-patch-3_12_69-60_64_35-default-5-2 is installed
OR kgraft-patch-3_12_69-60_64_35-xen-5-2 is installed
OR kgraft-patch-SLE12-SP1_Update_14-5-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
accountsservice-0.6.42-14 is installed
OR accountsservice-lang-0.6.42-14 is installed
OR libaccountsservice0-0.6.42-14 is installed
OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND ucode-intel-20180425-13.20 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
dovecot22-2.2.31-19.11 is installed
OR dovecot22-backend-mysql-2.2.31-19.11 is installed
OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
kgraft-patch-4_4_103-92_56-default-11-2 is installed
OR kgraft-patch-SLE12-SP2_Update_17-11-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
libfreetype6-2.6.3-7.10 is installed
OR libfreetype6-32bit-2.6.3-7.10 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
MozillaFirefox-60.9.0-109.86 is installed
OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
kgraft-patch-4_4_162-94_69-default-7-2 is installed
OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
ghostscript-9.27-23.31 is installed
OR ghostscript-x11-9.27-23.31 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 15-LTSS is installed
AND Package Information
apache2-2.4.33-3.30 is installed
OR apache2-devel-2.4.33-3.30 is installed
OR apache2-doc-2.4.33-3.30 is installed
OR apache2-prefork-2.4.33-3.30 is installed
OR apache2-utils-2.4.33-3.30 is installed
OR apache2-worker-2.4.33-3.30 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for SAP Applications 15 is installed
AND Package Information
rmt-server-2.5.7-3.31 is installed
OR rmt-server-config-2.5.7-3.31 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
freerdp-2.0.0~rc4-3.10 is installed
OR freerdp-devel-2.0.0~rc4-3.10 is installed
OR libfreerdp2-2.0.0~rc4-3.10 is installed
OR libwinpr2-2.0.0~rc4-3.10 is installed
OR winpr2-devel-2.0.0~rc4-3.10 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND Package Information
libopencv3_3-3.3.1-6.6 is installed
OR opencv-3.3.1-6.6 is installed
OR opencv-devel-3.3.1-6.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
libEMF-1.0.7-3.3 is installed
OR libEMF1-1.0.7-3.3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 6 is installed
AND ruby2.1-rubygem-bson-1_11-1.11.1-2 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed
AND python-tablib-0.9.11-3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 8 is installed
AND Package Information
glib2-2.48.2-12.15 is installed
OR glib2-lang-2.48.2-12.15 is installed
OR glib2-tools-2.48.2-12.15 is installed
OR libgio-2_0-0-2.48.2-12.15 is installed
OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
OR libglib-2_0-0-2.48.2-12.15 is installed
OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
OR libgmodule-2_0-0-2.48.2-12.15 is installed
OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
OR libgobject-2_0-0-2.48.2-12.15 is installed
OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
OR libgthread-2_0-0-2.48.2-12.15 is installed
OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud Crowbar 8 is installed
AND python-Twisted-15.2.1-9.5 is installed
|