Oval Definition:	oval:org.opensuse.security:def:59792
Revision Date: 2021-09-03 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following issues: Security issues fixed: - CVE-2021-28698: long running loops in grant table handling (XSA-380)(bsc#1189378). - CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379)(bsc#1189376). - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373). - CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382)(bsc#1189380). - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429) - CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434) - CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433) - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654) - CVE-2021-3592: slirp: invalid pointer initialization may lead to information disclosure (bootp)(bsc#1187369). - CVE-2021-3594: slirp: invalid pointer initialization may lead to information disclosure (udp)(bsc#1187378). - CVE-2021-3595: slirp: invalid pointer initialization may lead to information disclosure (tftp)(bsc#1187376). - CVE-2021-3308: Fixed IRQ vector leak on x86 (XSA-360)(bsc#1181254). - Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882). Family: unix Class: patch Status: Reference(s): 1012260 1012382 1019695 1019699 1021577 1022604 1026191 1031717 1041469 1041894 1046610 1049703 1059812 1060799 1061204 1064206 1064786 1065464 1066489 1068032 1073059 1073069 1073210 1075428 1076033 1077560 1078436 1083232 1083574 1083745 1083836 1084223 1084310 1084328 1084353 1084452 1084610 1084699 1084829 1084889 1084898 1084914 1084918 1084967 1085042 1085058 1085224 1085383 1085402 1085404 1085487 1085507 1085511 1085679 1085981 1086015 1086162 1086194 1086357 1086499 1086518 1086607 1087088 1087211 1087231 1087260 1087274 1087481 1087659 1087845 1087906 1087999 1088050 1088087 1088241 1088267 1088313 1088324 1088600 1088684 1088871 1091072 1091551 1092697 1092885 1094767 1096223 1096515 1098735 1105434 1106119 1107343 1108771 1108986 1109363 1109465 1110506 1110507 1112767 1114459 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 1122198 1122475 1126463 1127027 1131060 1133191 1135715 1136446 1136935 1137597 1148931 1167231 1173576 1173613 1173948 1174538 1175534 1176343 1176344 1176345 1176346 1176347 1176348 1176349 1176350 1181254 1182654 1186429 1186433 1186434 1187369 1187376 1187378 1189373 1189376 1189378 1189380 1189882 703591 802154 839074 857131 893359 CVE-2011-2729 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2017-14160 CVE-2017-16541 CVE-2017-18257 CVE-2018-1000041 CVE-2018-1000222 CVE-2018-10393 CVE-2018-1091 CVE-2018-11806 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12381 CVE-2018-12383 CVE-2018-12385 CVE-2018-12386 CVE-2018-12387 CVE-2018-12617 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-3639 CVE-2018-6307 CVE-2018-7740 CVE-2018-8043 CVE-2018-8822 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-2510 CVE-2019-2537 CVE-2019-3846 CVE-2019-3880 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-14364 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25603 CVE-2020-25604 CVE-2020-6463 CVE-2020-6514 CVE-2021-0089 CVE-2021-20255 CVE-2021-28690 CVE-2021-28692 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697 CVE-2021-28698 CVE-2021-28699 CVE-2021-3308 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 SUSE-SU-2018:1048-1 SUSE-SU-2018:1288-1 SUSE-SU-2018:1324-1 SUSE-SU-2018:2837-1 SUSE-SU-2019:1162-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2787-1 SUSE-SU-2021:2955-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dnsmasq-2.78-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libruby2_1-2_1-2.1.9-18 is installed OR ruby2.1-2.1.9-18 is installed OR ruby2.1-stdlib-2.1.9-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information xen-4.11.4_20-2.60.1 is installed OR xen-doc-html-4.11.4_20-2.60.1 is installed OR xen-libs-4.11.4_20-2.60.1 is installed OR xen-libs-32bit-4.11.4_20-2.60.1 is installed OR xen-tools-4.11.4_20-2.60.1 is installed OR xen-tools-domU-4.11.4_20-2.60.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information xen-4.11.4_04-2.30 is installed OR xen-doc-html-4.11.4_04-2.30 is installed OR xen-libs-4.11.4_04-2.30 is installed OR xen-libs-32bit-4.11.4_04-2.30 is installed OR xen-tools-4.11.4_04-2.30 is installed OR xen-tools-domU-4.11.4_04-2.30 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy-1.6.11-11.3 is installed
BACK