Oval Definition:	oval:org.opensuse.security:def:58004
Revision Date: 2021-09-06 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following issues: - CVE-2021-3594: slirp: invalid pointer initialization may lead to information disclosure (udp)(bsc#1187378). - CVE-2021-3595: slirp: invalid pointer initialization may lead to information disclosure (tftp)(bsc#1187376). - CVE-2021-28698: long running loops in grant table handling (XSA-380)(bsc#1189378). - CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382)(bsc#1189380). - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654) - CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434) - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429) - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373). - CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433) - CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379)(bsc#1189376). - CVE-2021-3592: slirp: invalid pointer initialization may lead to information disclosure (bootp)(bsc#1187369). - Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882). Family: unix Class: patch Status: Reference(s): 1001367 1003800 1004477 1005555 1005558 1005562 1005564 1005566 1005569 1005581 1005582 1006539 1008318 1027519 1056993 1079405 1084604 1087289 1088268 1090036 1092100 1092885 1094301 1094508 1094725 1095242 1096224 1097521 1097522 1097523 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1103276 1106514 1109663 1109847 1111014 1111331 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 1113231 1116574 1116717 1117275 1119493 1121753 1123156 1131595 1135273 1138459 1139073 1141035 1141670 1155321 1155988 1156318 1159329 1161719 1163809 1163933 1165528 1169658 1174628 1182654 1186429 1186433 1186434 1187369 1187376 1187378 1189373 1189376 1189378 1189380 1189882 990890 CVE-2015-9542 CVE-2016-3492 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440 CVE-2016-8283 CVE-2017-0861 CVE-2017-13672 CVE-2017-13673 CVE-2017-6362 CVE-2018-1000199 CVE-2018-1000802 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-11806 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12891 CVE-2018-12892 CVE-2018-12893 CVE-2018-13785 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-14647 CVE-2018-15468 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-16435 CVE-2018-16872 CVE-2018-17963 CVE-2018-19364 CVE-2018-19489 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-3639 CVE-2018-3665 CVE-2018-7858 CVE-2019-10160 CVE-2019-11091 CVE-2019-11135 CVE-2019-11139 CVE-2019-3886 CVE-2019-6778 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-10018 CVE-2020-11793 CVE-2020-14344 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2021-0089 CVE-2021-20255 CVE-2021-28690 CVE-2021-28692 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697 CVE-2021-28698 CVE-2021-28699 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 SUSE-SU-2016:2933-1 SUSE-SU-2018:0135-1 SUSE-SU-2018:1236-1 SUSE-SU-2018:1362-1 SUSE-SU-2018:2081-1 SUSE-SU-2018:2891-1 SUSE-SU-2018:3332-1 SUSE-SU-2018:3933-1 SUSE-SU-2019:0057-1 SUSE-SU-2019:0450-1 SUSE-SU-2019:0489-1 SUSE-SU-2019:1438-1 SUSE-SU-2019:2053-1 SUSE-SU-2019:2988-1 SUSE-SU-2020:1117-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:2196-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kio-extras5-17.12.3-lp150.1 is installed OR kio-extras5-lang-17.12.3-lp150.1 is installed OR libkioarchive5-17.12.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND links-2.20.1-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND ucode-intel-20191112a-13.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libmysqlclient18-10.0.28-17 is installed OR libmysqlclient18-32bit-10.0.28-17 is installed OR mariadb-10.0.28-17 is installed OR mariadb-client-10.0.28-17 is installed OR mariadb-errormessages-10.0.28-17 is installed OR mariadb-tools-10.0.28-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information xen-4.9.4_20-3.91.1 is installed OR xen-doc-html-4.9.4_20-3.91.1 is installed OR xen-libs-4.9.4_20-3.91.1 is installed OR xen-libs-32bit-4.9.4_20-3.91.1 is installed OR xen-tools-4.9.4_20-3.91.1 is installed OR xen-tools-domU-4.9.4_20-3.91.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND squid-3.5.21-26.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libudisks2-0-2.1.3-1 is installed OR udisks2-2.1.3-1 is installed OR udisks2-lang-2.1.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-Django-1.11.23-3.12 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-requests-2.20.1-4.3 is installed
BACK