OVAL Reference oval:org.opensuse.security:def:56162

Oval Definition:

oval:org.opensuse.security:def:56162

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen to version 4.7.3 fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information (XSA-226, bsc#1051787). - CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for privilege escalation (XSA-227, bsc#1051788). - CVE-2017-12136: Race conditions with maptrack free list handling allows a malicious guest administrator to crash the host or escalate their privilege to that of the host (XSA-228, bsc#1051789). - CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP options string (bsc#1049578). - CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt (bsc#1046637). - CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to potentially leaking sensitive information (XSA-230 CVE-2017-12855). These non-security issues were fixed: - bsc#1055695: XEN: 11SP4 and 12SP3 HVM guests can not be restored after the save using xl stack - bsc#1035231: Migration of HVM domU did not use superpages on destination dom0 - bsc#1002573: Optimized LVM functions in block-dmmd block-dmmd - bsc#1037840: Xen-detect always showed HVM for PV guests
Family:	unix	Class:	patch
Status:		Reference(s):	1002573 1004237 1021315 1026236 1027575 1035231 1037840 1038564 1042892 1046191 1046637 1046856 1049578 1050751 1051787 1051788 1051789 1052686 1055695 1102682 1103203 1105323 1119947 870082 952188 952871 963415 967787 968046 968047 968048 968051 968053 968374 CVE-2009-2625 CVE-2009-2911 CVE-2009-3560 CVE-2009-3720 CVE-2009-4273 CVE-2010-0411 CVE-2010-0412 CVE-2012-0035 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2013-7447 CVE-2014-0107 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-4607 CVE-2014-5044 CVE-2015-2695 CVE-2015-3197 CVE-2015-5276 CVE-2016-0702 CVE-2016-0703 CVE-2016-0705 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 CVE-2016-10164 CVE-2016-6855 CVE-2016-8602 CVE-2016-9603 CVE-2017-1000083 CVE-2017-10664 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 CVE-2017-2636 CVE-2017-7533 CVE-2017-7645 CVE-2017-8890 CVE-2017-9242 CVE-2018-10902 CVE-2018-16884 CVE-2018-5390 SUSE-SU-2015:1898-1 SUSE-SU-2016:0624-1 SUSE-SU-2016:2654-1 SUSE-SU-2017:0467-1 SUSE-SU-2017:2088-1 SUSE-SU-2017:2326-1 SUSE-SU-2017:3428-1 SUSE-SU-2019:0356-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information emacs-25.3-lp150.1 is installed OR emacs-info-25.3-lp150.1 is installed OR emacs-nox-25.3-lp150.1 is installed OR etags-25.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND bubblewrap-0.3.3-lp151.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-65.0.3467.62-lp151.2.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND xalan-j2-2.7.0-217.26 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information krb5-1.6.3-133.49.97 is installed OR krb5-32bit-1.6.3-133.49.97 is installed OR krb5-client-1.6.3-133.49.97 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xen-4.7.3_03-43.9 is installed OR xen-libs-4.7.3_03-43.9 is installed OR xen-libs-32bit-4.7.3_03-43.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information expat-2.1.0-13 is installed OR libexpat1-2.1.0-13 is installed OR libexpat1-32bit-2.1.0-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-10-2 is installed OR kgraft-patch-3_12_62-60_64_8-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_8-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libecpg6-9.6.3-2 is installed OR libpq5-9.6.3-2 is installed OR libpq5-32bit-9.6.3-2 is installed OR postgresql96-9.6.3-2 is installed OR postgresql96-contrib-9.6.3-2 is installed OR postgresql96-docs-9.6.3-2 is installed OR postgresql96-server-9.6.3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libopenjp2-7-2.1.0-4.9 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-Twisted-15.2.1-9.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information python-cffi-1.11.2-5.11 is installed OR python-cryptography-2.1.4-7.28 is installed OR python-xattr-0.7.5-6.3 is installed OR python3-cffi-1.11.2-5.11 is installed OR python3-cryptography-2.1.4-7.28 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1569587091.3f083d63c-3.10 is installed OR crowbar-core-branding-upstream-6.0+git.1569587091.3f083d63c-3.10 is installed OR crowbar-ha-6.0+git.1567673476.1342c3d-3.10 is installed OR crowbar-openstack-6.0+git.1569805311.a94583476-3.10 is installed OR crowbar-ui-1.3.0+git.1568396400.0344a727-11 is installed OR grafana-6.2.5-3.6 is installed OR grafana-monasca-ui-drilldown-1.14.1~dev9-3.6 is installed OR novnc-1.1.0-3.3 is installed OR openstack-cinder-13.0.7~dev16-3.10 is installed OR openstack-cinder-api-13.0.7~dev16-3.10 is installed OR openstack-cinder-backup-13.0.7~dev16-3.10 is installed OR openstack-cinder-scheduler-13.0.7~dev16-3.10 is installed OR openstack-cinder-volume-13.0.7~dev16-3.10 is installed OR openstack-dashboard-14.0.4~dev11-3.6 is installed OR openstack-designate-7.0.1~dev22-3.10 is installed OR openstack-designate-agent-7.0.1~dev22-3.10 is installed OR openstack-designate-api-7.0.1~dev22-3.10 is installed OR openstack-designate-central-7.0.1~dev22-3.10 is installed OR openstack-designate-producer-7.0.1~dev22-3.10 is installed OR openstack-designate-sink-7.0.1~dev22-3.10 is installed OR openstack-designate-worker-7.0.1~dev22-3.10 is installed OR openstack-glance-17.0.1~dev30-3.3 is installed OR openstack-glance-api-17.0.1~dev30-3.3 is installed OR openstack-heat-11.0.3~dev23-3.10 is installed OR openstack-heat-api-11.0.3~dev23-3.10 is installed OR openstack-heat-api-cfn-11.0.3~dev23-3.10 is installed OR openstack-heat-engine-11.0.3~dev23-3.10 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev23-3.10 is installed OR openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR openstack-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR openstack-ironic-11.1.4~dev15-3.10 is installed OR openstack-ironic-api-11.1.4~dev15-3.10 is installed OR openstack-ironic-conductor-11.1.4~dev15-3.10 is installed OR openstack-ironic-python-agent-3.3.3~dev5-3.10 is installed OR openstack-keystone-14.1.1~dev16-3.10 is installed OR openstack-manila-7.3.1~dev6-4.10 is installed OR openstack-manila-api-7.3.1~dev6-4.10 is installed OR openstack-manila-data-7.3.1~dev6-4.10 is installed OR openstack-manila-scheduler-7.3.1~dev6-4.10 is installed OR openstack-manila-share-7.3.1~dev6-4.10 is installed OR openstack-neutron-13.0.5~dev50-3.10 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-gbp-5.0.1~dev472-3.10 is installed OR openstack-neutron-ha-tool-13.0.5~dev50-3.10 is installed OR openstack-neutron-l3-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metadata-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metering-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-server-13.0.5~dev50-3.10 is installed OR openstack-nova-18.2.3~dev22-3.10 is installed OR openstack-nova-api-18.2.3~dev22-3.10 is installed OR openstack-nova-cells-18.2.3~dev22-3.10 is installed OR openstack-nova-compute-18.2.3~dev22-3.10 is installed OR openstack-nova-conductor-18.2.3~dev22-3.10 is installed OR openstack-nova-console-18.2.3~dev22-3.10 is installed OR openstack-nova-novncproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-placement-api-18.2.3~dev22-3.10 is installed OR openstack-nova-scheduler-18.2.3~dev22-3.10 is installed OR openstack-nova-serialproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-vncproxy-18.2.3~dev22-3.10 is installed OR openstack-octavia-3.1.2~dev45-3.10 is installed OR openstack-octavia-amphora-agent-3.1.2~dev45-3.10 is installed OR openstack-octavia-api-3.1.2~dev45-3.10 is installed OR openstack-octavia-health-manager-3.1.2~dev45-3.10 is installed OR openstack-octavia-housekeeping-3.1.2~dev45-3.10 is installed OR openstack-octavia-worker-3.1.2~dev45-3.10 is installed OR openstack-sahara-9.0.2~dev12-3.3 is installed OR openstack-sahara-api-9.0.2~dev12-3.3 is installed OR openstack-sahara-engine-9.0.2~dev12-3.3 is installed OR openstack-tempest-19.0.0-15 is installed OR openstack-tempest-test-19.0.0-15 is installed OR openstack-watcher-1.12.1~dev19-4.3 is installed OR openstack-watcher-doc-1.12.1~dev19-4.3 is installed OR python-cinder-13.0.7~dev16-3.10 is installed OR python-cinder-tempest-plugin-0.1.0-11 is installed OR python-designate-7.0.1~dev22-3.10 is installed OR python-glance-17.0.1~dev30-3.3 is installed OR python-heat-11.0.3~dev23-3.10 is installed OR python-horizon-14.0.4~dev11-3.6 is installed OR python-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR python-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR python-ironic-11.1.4~dev15-3.10 is installed OR python-keystone-14.1.1~dev16-3.10 is installed OR python-manila-7.3.1~dev6-4.10 is installed OR python-neutron-13.0.5~dev50-3.10 is installed OR python-neutron-gbp-5.0.1~dev472-3.10 is installed OR python-nova-18.2.3~dev22-3.10 is installed OR python-octavia-3.1.2~dev45-3.10 is installed OR python-openstack_auth-14.0.4~dev11-3.6 is installed OR python-sahara-9.0.2~dev12-3.3 is installed OR python-tempest-19.0.0-15 is installed OR python-urllib3-1.23-3.9 is installed OR python-watcher-1.12.1~dev19-4.3 is installed OR ruby2.1-rubygem-easy_diff-1.0.0-4.3 is installed OR rubygem-easy_diff-1.0.0-4.3 is installed

BACK