Oval Definition:	oval:org.opensuse.security:def:56250
Revision Date: 2020-12-01 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834). - CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004). - A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871) - CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169 These non-security issues were fixed: - bsc#1000195: Prevent panic on CPU0 while booting on SLES 11 SP3 - bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd - bsc#1005028: Fixed building Xen RPMs from Sources Family: unix Class: patch Status: Reference(s): 1000195 1002496 1005028 1012651 1013095 1014298 1014300 1015169 1016340 1022871 1023004 1024834 1034005 1034402 1046554 1046555 1053153 1069708 1076017 1083125 1083488 1085114 1085447 1090368 1090646 1160968 1162972 770619 926826 CVE-2010-1674 CVE-2010-1675 CVE-2011-1946 CVE-2011-4349 CVE-2013-0240 CVE-2013-1799 CVE-2013-2063 CVE-2014-7300 CVE-2014-9087 CVE-2016-9921 CVE-2016-9922 CVE-2017-10661 CVE-2017-13166 CVE-2017-16939 CVE-2017-2615 CVE-2017-2620 CVE-2017-3142 CVE-2017-3143 CVE-2018-1000004 CVE-2018-1068 CVE-2018-7566 CVE-2018-8781 CVE-2018-8897 CVE-2019-4732 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 SUSE-SU-2016:0008-1 SUSE-SU-2016:0953-1 SUSE-SU-2017:0571-1 SUSE-SU-2017:1577-1 SUSE-SU-2017:1736-1 SUSE-SU-2017:3322-1 SUSE-SU-2018:1005-1 SUSE-SU-2018:1521-1 SUSE-SU-2020:0528-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gimp-2.8.22-lp150.3 is installed OR gimp-lang-2.8.22-lp150.3 is installed OR gimp-plugins-python-2.8.22-lp150.3 is installed OR libgimp-2_0-0-2.8.22-lp150.3 is installed OR libgimpui-2_0-0-2.8.22-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND squid-4.8-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND libksba-1.0.4-1.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xen-4.7.1_06-31 is installed OR xen-libs-4.7.1_06-31 is installed OR xen-libs-32bit-4.7.1_06-31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information colord-gtk-lang-0.1.25-3 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-5 is installed OR libcolord2-32bit-1.1.7-5 is installed OR libcolorhug2-1.1.7-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_60-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_60-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_21-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXtst6-1.2.2-3 is installed OR libXtst6-32bit-1.2.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libvmtools0-10.1.5-2 is installed OR open-vm-tools-10.1.5-2 is installed OR open-vm-tools-desktop-10.1.5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libvirt-3.3.0-5.30 is installed OR libvirt-admin-3.3.0-5.30 is installed OR libvirt-client-3.3.0-5.30 is installed OR libvirt-daemon-3.3.0-5.30 is installed OR libvirt-daemon-config-network-3.3.0-5.30 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.30 is installed OR libvirt-daemon-driver-interface-3.3.0-5.30 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.30 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.30 is installed OR libvirt-daemon-driver-network-3.3.0-5.30 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.30 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.30 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.30 is installed OR libvirt-daemon-driver-secret-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.30 is installed OR libvirt-daemon-hooks-3.3.0-5.30 is installed OR libvirt-daemon-lxc-3.3.0-5.30 is installed OR libvirt-daemon-qemu-3.3.0-5.30 is installed OR libvirt-daemon-xen-3.3.0-5.30 is installed OR libvirt-doc-3.3.0-5.30 is installed OR libvirt-libs-3.3.0-5.30 is installed OR libvirt-lock-sanlock-3.3.0-5.30 is installed OR libvirt-nss-3.3.0-5.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information pam-1.1.8-24.14 is installed OR pam-32bit-1.1.8-24.14 is installed OR pam-doc-1.1.8-24.14 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information xen-4.9.4_08-3.66 is installed OR xen-doc-html-4.9.4_08-3.66 is installed OR xen-libs-4.9.4_08-3.66 is installed OR xen-libs-32bit-4.9.4_08-3.66 is installed OR xen-tools-4.9.4_08-3.66 is installed OR xen-tools-domU-4.9.4_08-3.66 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.6 is installed
BACK