Oval Definition:	oval:org.opensuse.security:def:51955
Revision Date: 2022-11-16 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806). - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807). - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482) - CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485) - CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487) - CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory (bsc#1204488) - CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489) - CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490) - CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494) - CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions (bsc#1204496) - xen: Frontends vulnerable to backends (bsc#1193923). Family: unix Class: patch Status: Reference(s): 1027519 1084671 1092920 1106383 1123156 1127532 1133495 1139884 1139885 1139886 1140100 1140102 1140103 1140104 1140105 1140106 1140110 1140111 1140501 1140513 1140520 1140534 1140538 1140543 1140545 1140547 1140549 1140552 1140554 1140664 1140665 1140666 1140667 1140668 1140669 1140673 1141171 1149121 1149792 1149955 1151377 1151490 1153238 1154256 1155207 1155574 1156213 1156482 1158485 1159814 1161066 1161436 1162108 1163018 1165548 1165776 1166240 1170940 1173157 1174139 1174955 1175465 1176409 1176412 1176430 1177155 1189521 1193923 1203806 1203807 1204482 1204483 1204485 1204487 1204488 1204489 1204490 1204494 1204496 CVE-2004-0801 CVE-2006-0855 CVE-2007-1669 CVE-2009-0696 CVE-2009-4022 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2010-4267 CVE-2011-0414 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-2697 CVE-2011-2722 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2011-4313 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-0157 CVE-2013-1981 CVE-2013-1988 CVE-2013-1997 CVE-2013-2004 CVE-2013-2266 CVE-2013-4325 CVE-2013-4854 CVE-2013-6402 CVE-2013-6427 CVE-2014-0591 CVE-2014-1829 CVE-2014-1830 CVE-2014-8500 CVE-2014-9114 CVE-2015-0839 CVE-2015-1349 CVE-2015-2296 CVE-2015-4620 CVE-2015-5218 CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 CVE-2015-8704 CVE-2016-1285 CVE-2016-1286 CVE-2016-2776 CVE-2016-7942 CVE-2019-12974 CVE-2019-12975 CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13133 CVE-2019-13134 CVE-2019-13135 CVE-2019-13136 CVE-2019-13137 CVE-2019-13295 CVE-2019-13296 CVE-2019-13297 CVE-2019-13298 CVE-2019-13299 CVE-2019-13300 CVE-2019-13301 CVE-2019-13302 CVE-2019-13303 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306 CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13310 CVE-2019-13311 CVE-2019-13391 CVE-2019-13454 CVE-2019-16056 CVE-2019-16935 CVE-2019-20382 CVE-2019-20386 CVE-2019-5737 CVE-2019-6778 CVE-2020-14392 CVE-2020-14393 CVE-2020-15708 CVE-2020-1711 CVE-2020-1712 CVE-2020-1983 CVE-2020-25637 CVE-2020-7039 CVE-2020-8608 CVE-2021-3712 CVE-2022-33746 CVE-2022-33747 CVE-2022-33748 CVE-2022-42309 CVE-2022-42310 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317 CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321 CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326 CVE-2022-42327 SUSE-SU-2019:0627-1 SUSE-SU-2019:2106-1 SUSE-SU-2019:2802-1 SUSE-SU-2020:0335-1 SUSE-SU-2020:1213-1 SUSE-SU-2020:1523-1 SUSE-SU-2020:2645-1 SUSE-SU-2020:2970-1 SUSE-SU-2021:2996-1 SUSE-SU-2022:4007-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cups-pk-helper-0.2.6-lp150.1 is installed OR cups-pk-helper-lang-0.2.6-lp150.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND puppet-2.6.18-0.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND sblim-sfcb-1.3.11-0.25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND hardlink-1.0-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libblkid1-2.25-30 is installed OR libblkid1-32bit-2.25-30 is installed OR libmount1-2.25-30 is installed OR libmount1-32bit-2.25-30 is installed OR libsmartcols1-2.25-30 is installed OR libuuid-devel-2.25-30 is installed OR libuuid1-2.25-30 is installed OR libuuid1-32bit-2.25-30 is installed OR python-libmount-2.25-30 is installed OR util-linux-2.25-30 is installed OR util-linux-lang-2.25-30 is installed OR util-linux-systemd-2.25-30 is installed OR uuidd-2.25-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information hplip-3.16.11-1 is installed OR hplip-hpijs-3.16.11-1 is installed OR hplip-sane-3.16.11-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise Micro 5.3 is installed AND xen-libs-4.16.2_08-150400.4.16.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information ImageMagick-7.0.7.34-3.67 is installed OR ImageMagick-config-7-upstream-7.0.7.34-3.67 is installed OR ImageMagick-devel-32bit-7.0.7.34-3.67 is installed OR ImageMagick-doc-7.0.7.34-3.67 is installed OR ImageMagick-extra-7.0.7.34-3.67 is installed OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.67 is installed OR libMagick++-devel-32bit-7.0.7.34-3.67 is installed OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.67 is installed OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.67 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rmt-server-2.5.7-3.15 is installed OR rmt-server-config-2.5.7-3.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libvirt-6.0.0-13.8 is installed OR libvirt-admin-6.0.0-13.8 is installed OR libvirt-bash-completion-6.0.0-13.8 is installed OR libvirt-client-6.0.0-13.8 is installed OR libvirt-daemon-6.0.0-13.8 is installed OR libvirt-daemon-config-network-6.0.0-13.8 is installed OR libvirt-daemon-config-nwfilter-6.0.0-13.8 is installed OR libvirt-daemon-driver-interface-6.0.0-13.8 is installed OR libvirt-daemon-driver-libxl-6.0.0-13.8 is installed OR libvirt-daemon-driver-lxc-6.0.0-13.8 is installed OR libvirt-daemon-driver-network-6.0.0-13.8 is installed OR libvirt-daemon-driver-nodedev-6.0.0-13.8 is installed OR libvirt-daemon-driver-nwfilter-6.0.0-13.8 is installed OR libvirt-daemon-driver-qemu-6.0.0-13.8 is installed OR libvirt-daemon-driver-secret-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-core-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-disk-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-iscsi-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-logical-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-mpath-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-rbd-6.0.0-13.8 is installed OR libvirt-daemon-driver-storage-scsi-6.0.0-13.8 is installed OR libvirt-daemon-hooks-6.0.0-13.8 is installed OR libvirt-daemon-lxc-6.0.0-13.8 is installed OR libvirt-daemon-qemu-6.0.0-13.8 is installed OR libvirt-daemon-xen-6.0.0-13.8 is installed OR libvirt-devel-6.0.0-13.8 is installed OR libvirt-doc-6.0.0-13.8 is installed OR libvirt-lock-sanlock-6.0.0-13.8 is installed OR libvirt-nss-6.0.0-13.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs10-10.15.2-1.6 is installed OR nodejs10-devel-10.15.2-1.6 is installed OR nodejs10-docs-10.15.2-1.6 is installed OR npm10-10.15.2-1.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpng12-0-1.2.50-8 is installed OR libpng12-0-32bit-1.2.50-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-10-2 is installed OR kgraft-patch-3_12_67-60_64_24-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_11-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND clamav-0.100.3-33.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information xen-4.9.2_10-3.41 is installed OR xen-doc-html-4.9.2_10-3.41 is installed OR xen-libs-4.9.2_10-3.41 is installed OR xen-libs-32bit-4.9.2_10-3.41 is installed OR xen-tools-4.9.2_10-3.41 is installed OR xen-tools-domU-4.9.2_10-3.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information qemu-2.11.2-9.36 is installed OR qemu-arm-2.11.2-9.36 is installed OR qemu-block-curl-2.11.2-9.36 is installed OR qemu-block-iscsi-2.11.2-9.36 is installed OR qemu-block-rbd-2.11.2-9.36 is installed OR qemu-block-ssh-2.11.2-9.36 is installed OR qemu-guest-agent-2.11.2-9.36 is installed OR qemu-ipxe-1.0.0+-9.36 is installed OR qemu-kvm-2.11.2-9.36 is installed OR qemu-lang-2.11.2-9.36 is installed OR qemu-ppc-2.11.2-9.36 is installed OR qemu-s390-2.11.2-9.36 is installed OR qemu-seabios-1.11.0-9.36 is installed OR qemu-sgabios-8-9.36 is installed OR qemu-tools-2.11.2-9.36 is installed OR qemu-vgabios-1.11.0-9.36 is installed OR qemu-x86-2.11.2-9.36 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND Package Information libopenssl1_1-1.1.1d-2.39.2 is installed OR libopenssl1_1-32bit-1.1.1d-2.39.2 is installed OR openssl-1_1-1.1.1d-2.39.2 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND perl-DBI-1.639-3.8 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openvpn-2.3.8-16.20 is installed OR openvpn-auth-pam-plugin-2.3.8-16.20 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.39 is installed OR libopenssl1_0_0-1.0.2j-60.39 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed OR openssl-1.0.2j-60.39 is installed OR openssl-doc-1.0.2j-60.39 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
BACK