Oval Definition:	oval:org.opensuse.security:def:56446
Revision Date: 2020-12-01 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information (XSA-226, bsc#1051787). - CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for privilege escalation (XSA-227, bsc#1051788). - CVE-2017-12136: Race conditions with maptrack free list handling allows a malicious guest administrator to crash the host or escalate their privilege to that of the host (XSA-228, bsc#1051789). - CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP options string (bsc#1049578). - CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt (bsc#1046637). - CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to potentially leaking sensitive information (XSA-230 bsc#1052686. These non-security issues were fixed: - bsc#1055695: XEN: 11SP4 and 12SP3 HVM guests can not be restored after the save using xl stack - bsc#1035231: Migration of HVM domU did not use superpages on destination dom0 - bsc#1002573: Optimized LVM functions in block-dmmd block-dmmd Family: unix Class: patch Status: Reference(s): 1002573 1005480 1005544 1005893 1006221 1016366 1016369 1017420 1026236 1027519 1034560 1034674 1034678 1035231 1042146 1046637 1047666 1049578 1051787 1051788 1051789 1052686 1055695 1067203 1072193 1077999 1085449 1087932 1090638 1091610 1092548 1093311 1168404 1168407 1169066 929629 990636 CVE-2006-7250 CVE-2008-1686 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-4238 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2013-7459 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-5461 CVE-2014-8146 CVE-2014-8147 CVE-2014-8275 CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-6749 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-10009 CVE-2016-10011 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-4658 CVE-2016-6293 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-8858 CVE-2017-1000368 CVE-2017-10664 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 CVE-2017-14952 CVE-2017-15422 CVE-2017-17484 CVE-2017-17833 CVE-2017-7867 CVE-2017-7868 CVE-2018-1115 CVE-2018-1417 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2825 CVE-2018-2826 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 SUSE-SU-2016:2650-1 SUSE-SU-2017:0607-2 SUSE-SU-2017:1627-1 SUSE-SU-2017:2327-1 SUSE-SU-2017:2350-1 SUSE-SU-2018:1334-1 SUSE-SU-2018:1695-1 SUSE-SU-2018:1738-1 SUSE-SU-2018:1764-1 SUSE-SU-2018:2991-1 SUSE-SU-2020:1111-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND bubblewrap-0.2.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information expat-2.2.5-lp151.3.6 is installed OR libexpat-devel-2.2.5-lp151.3.6 is installed OR libexpat-devel-32bit-2.2.5-lp151.3.6 is installed OR libexpat1-2.2.5-lp151.3.6 is installed OR libexpat1-32bit-2.2.5-lp151.3.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information xen-4.9.0_11-3.9 is installed OR xen-libs-4.9.0_11-3.9 is installed OR xen-libs-32bit-4.9.0_11-3.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information liblua5_2-5.2.2-4 is installed OR liblua5_2-32bit-5.2.2-4 is installed OR lua-5.2.2-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libopenssl-devel-1.0.2j-55 is installed OR libopenssl1_0_0-1.0.2j-55 is installed OR libopenssl1_0_0-32bit-1.0.2j-55 is installed OR libopenssl1_0_0-hmac-1.0.2j-55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-55 is installed OR openssl-1.0.2j-55 is installed OR openssl-doc-1.0.2j-55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information qemu-2.6.2-41.40 is installed OR qemu-block-curl-2.6.2-41.40 is installed OR qemu-block-rbd-2.6.2-41.40 is installed OR qemu-block-ssh-2.6.2-41.40 is installed OR qemu-guest-agent-2.6.2-41.40 is installed OR qemu-ipxe-1.0.0-41.40 is installed OR qemu-kvm-2.6.2-41.40 is installed OR qemu-lang-2.6.2-41.40 is installed OR qemu-seabios-1.9.1-41.40 is installed OR qemu-sgabios-8-41.40 is installed OR qemu-tools-2.6.2-41.40 is installed OR qemu-vgabios-1.9.1-41.40 is installed OR qemu-x86-2.6.2-41.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND lftp-4.7.4-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND sudo-1.8.10p3-2.16 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-pycrypto-2.6.1-10.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND clamav-0.100.3-33.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kernel-default-4.4.180-94.124 is installed OR kernel-default-base-4.4.180-94.124 is installed OR kernel-default-devel-4.4.180-94.124 is installed OR kernel-default-kgraft-4.4.180-94.124 is installed OR kernel-devel-4.4.180-94.124 is installed OR kernel-macros-4.4.180-94.124 is installed OR kernel-source-4.4.180-94.124 is installed OR kernel-syms-4.4.180-94.124 is installed OR kgraft-patch-4_4_180-94_124-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_33-1-4.3 is installed
BACK