Oval Definition:oval:org.opensuse.security:def:55513
Revision Date:2020-12-01Version:1
Title:Security update for xen (Important)
Description:



XEN was updated to fix two security issues and bugs.

Security issues fixed: * CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

CVE-2015-2751: Xen, when using toolstack disaggregation, allowed remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

CVE-2015-2752: The XEN_DOMCTL_memory_mapping hypercall in Xen, when using a PCI passthrough device, was not preemptable, which allowed local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).

CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host.

Bugs fixed: - xentop: Fix memory leak on read failure
Family:unixClass:patch
Status:Reference(s):1012964
1052481
1052829
1060354
1060355
1060360
1060361
1060362
1060364
1111177
1113246
1114710
1121567
1124847
1125401
1128525
1133925
1136364
1141093
843509
911812
922705
922709
927967
929339
968849
969894
CVE-2012-1571
CVE-2012-4504
CVE-2013-2061
CVE-2014-3710
CVE-2014-8116
CVE-2014-8117
CVE-2014-9474
CVE-2015-2751
CVE-2015-2752
CVE-2015-3340
CVE-2015-3456
CVE-2016-10245
CVE-2016-1950
CVE-2016-1952
CVE-2016-1953
CVE-2016-1954
CVE-2016-1957
CVE-2016-1958
CVE-2016-1960
CVE-2016-1961
CVE-2016-1962
CVE-2016-1964
CVE-2016-1965
CVE-2016-1966
CVE-2016-1974
CVE-2016-1977
CVE-2016-1978
CVE-2016-1979
CVE-2016-2098
CVE-2016-2790
CVE-2016-2791
CVE-2016-2792
CVE-2016-2793
CVE-2016-2794
CVE-2016-2795
CVE-2016-2796
CVE-2016-2797
CVE-2016-2798
CVE-2016-2799
CVE-2016-2800
CVE-2016-2801
CVE-2016-2802
CVE-2016-9079
CVE-2017-1000117
CVE-2017-14491
CVE-2017-14492
CVE-2017-14493
CVE-2017-14494
CVE-2017-14495
CVE-2017-14496
CVE-2017-7753
CVE-2017-7779
CVE-2017-7782
CVE-2017-7784
CVE-2017-7785
CVE-2017-7786
CVE-2017-7787
CVE-2017-7791
CVE-2017-7792
CVE-2017-7798
CVE-2017-7800
CVE-2017-7801
CVE-2017-7802
CVE-2017-7803
CVE-2017-7804
CVE-2017-7807
CVE-2018-14662
CVE-2018-16846
CVE-2018-16889
CVE-2019-13050
CVE-2019-8936
SUSE-SU-2015:0923-1
SUSE-SU-2016:0777-1
SUSE-SU-2016:0867-1
SUSE-SU-2016:3048-1
SUSE-SU-2017:2320-1
SUSE-SU-2017:2589-1
SUSE-SU-2017:2618-1
SUSE-SU-2019:0499-1
SUSE-SU-2019:0789-1
SUSE-SU-2019:1141-1
SUSE-SU-2019:1570-1
SUSE-SU-2019:2480-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libtasn1-4.13-lp151.4.3 is installed
  • OR libtasn1-6-4.13-lp151.4.3 is installed
  • OR libtasn1-6-32bit-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND openvpn-2.0.9-143.33.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-38.7.0esr-37 is installed
  • OR MozillaFirefox-translations-38.7.0esr-37 is installed
  • OR libfreebl3-3.20.2-28 is installed
  • OR libfreebl3-32bit-3.20.2-28 is installed
  • OR libsoftokn3-3.20.2-28 is installed
  • OR libsoftokn3-32bit-3.20.2-28 is installed
  • OR mozilla-nspr-4.12-24 is installed
  • OR mozilla-nspr-32bit-4.12-24 is installed
  • OR mozilla-nss-3.20.2-28 is installed
  • OR mozilla-nss-32bit-3.20.2-28 is installed
  • OR mozilla-nss-tools-3.20.2-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • xen-4.4.2_04-18 is installed
  • OR xen-kmp-default-4.4.2_04_k3.12.39_47-18 is installed
  • OR xen-libs-4.4.2_04-18 is installed
  • OR xen-libs-32bit-4.4.2_04-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ceph-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR ceph-common-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR libcephfs2-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR librados2-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR libradosstriper1-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR librbd1-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR librgw2-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR python-cephfs-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR python-rados-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR python-rbd-12.2.10+git.1549630712.bb089269ea-2.27 is installed
  • OR python-rgw-12.2.10+git.1549630712.bb089269ea-2.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libopenssl1_1-1.1.1b-2.12 is installed
  • OR libopenssl1_1-32bit-1.1.1b-2.12 is installed
  • OR openssl-1_1-1.1.1b-2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • git-2.12.3-27.5 is installed
  • OR git-core-2.12.3-27.5 is installed
  • OR git-doc-2.12.3-27.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.101-14 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.101-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-devel-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_101-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_27-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gv-3.7.4-1 is installed
  • OR wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.1.0-109.89 is installed
  • OR MozillaFirefox-branding-SLE-68-32.8 is installed
  • OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_61-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_19-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libtirpc-1.0.1-17.6 is installed
  • OR libtirpc-netconfig-1.0.1-17.6 is installed
  • OR libtirpc3-1.0.1-17.6 is installed
  • OR libtirpc3-32bit-1.0.1-17.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionview-4_2-4.2.2-8 is installed
  • OR rubygem-actionview-4_2-4.2.2-8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • cups-1.7.5-20.29 is installed
  • OR cups-client-1.7.5-20.29 is installed
  • OR cups-libs-1.7.5-20.29 is installed
  • OR cups-libs-32bit-1.7.5-20.29 is installed
    • BACK