Oval Definition:oval:org.opensuse.security:def:60351
Revision Date:2021-09-02Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

Security issues fixed:

- CVE-2021-28693: xen/arm: Boot modules are not scrubbed (bsc#1186428) - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429) - CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433) - CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434) - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654) - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373). - CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379)(bsc#1189376). - CVE-2021-28698: long running loops in grant table handling (XSA-380)(bsc#1189378). - CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382)(bsc#1189380). - CVE-2021-28700: No memory limit for dom0less domUs (XSA-383)(bsc#1189381). - CVE-2021-3592: slirp: invalid pointer initialization may lead to information disclosure (bootp)(bsc#1187369). - CVE-2021-3594: slirp: invalid pointer initialization may lead to information disclosure (udp)(bsc#1187378). - CVE-2021-3595: slirp: invalid pointer initialization may lead to information disclosure (tftp)(bsc#1187376).

Other issues fixed:

- Fixed 'Panic on CPU 0: IO-APIC + timer doesn't work!' (bsc#1180491) - Fixed an issue with xencommons, where file format expecations by fillup did not allign (bsc#1185682) - Upstream bug fixes (bsc#1027519)

- Dom0 hangs when pinning CPUs for dom0 with HVM guest (bsc#1179246). - Fixed Xen SLES11SP4 guest hangs on cluster (bsc#1188050). - Fixed PVHVM SLES12 SP5 - NMI Watchdog CPU Stuck (bsc#1180846). - Core cannot be opened when using xl dump-core of VM with PTF (bsc#1183243) - Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882).
Family:unixClass:patch
Status:Reference(s):1027519
1047002
1048715
1076366
1090336
1090849
1094448
1095603
1096985
1097847
1101366
1105437
1105459
1105460
1114592
1120943
1135254
1141897
1142649
1142654
1148517
1149145
1149496
1160770
1170771
1174633
1174635
1174638
1176410
1177143
1177914
1179246
1180491
1180846
1182654
1183243
1185682
1186428
1186429
1186433
1186434
1187369
1187376
1187378
1188050
1189373
1189376
1189378
1189380
1189381
1189882
963041
CVE-2009-3627
CVE-2011-0020
CVE-2011-0064
CVE-2013-1988
CVE-2013-1992
CVE-2015-5191
CVE-2017-10790
CVE-2017-3308
CVE-2017-3309
CVE-2017-3453
CVE-2017-3456
CVE-2017-3464
CVE-2018-10844
CVE-2018-10845
CVE-2018-10846
CVE-2018-12099
CVE-2018-20030
CVE-2018-2579
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2629
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2018-3817
CVE-2019-14250
CVE-2019-15847
CVE-2019-5482
CVE-2019-9278
CVE-2020-12243
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-15999
CVE-2020-25219
CVE-2020-26154
CVE-2021-0089
CVE-2021-20255
CVE-2021-28690
CVE-2021-28692
CVE-2021-28693
CVE-2021-28694
CVE-2021-28695
CVE-2021-28696
CVE-2021-28697
CVE-2021-28698
CVE-2021-28699
CVE-2021-28700
CVE-2021-3592
CVE-2021-3594
CVE-2021-3595
SUSE-SU-2017:2035-1
SUSE-SU-2018:0661-1
SUSE-SU-2018:2317-1
SUSE-SU-2018:2842-1
SUSE-SU-2019:2339-2
SUSE-SU-2020:0394-1
SUSE-SU-2020:0457-1
SUSE-SU-2020:1193-1
SUSE-SU-2020:2331-1
SUSE-SU-2020:2900-1
SUSE-SU-2020:2998-1
SUSE-SU-2021:2924-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • kernel-debug-4.12.14-lp150.12.70 is installed
  • OR kernel-debug-base-4.12.14-lp150.12.70 is installed
  • OR kernel-debug-devel-4.12.14-lp150.12.70 is installed
  • OR kernel-default-4.12.14-lp150.12.70 is installed
  • OR kernel-default-base-4.12.14-lp150.12.70 is installed
  • OR kernel-default-devel-4.12.14-lp150.12.70 is installed
  • OR kernel-devel-4.12.14-lp150.12.70 is installed
  • OR kernel-docs-4.12.14-lp150.12.70 is installed
  • OR kernel-docs-html-4.12.14-lp150.12.70 is installed
  • OR kernel-kvmsmall-4.12.14-lp150.12.70 is installed
  • OR kernel-kvmsmall-base-4.12.14-lp150.12.70 is installed
  • OR kernel-kvmsmall-devel-4.12.14-lp150.12.70 is installed
  • OR kernel-macros-4.12.14-lp150.12.70 is installed
  • OR kernel-obs-build-4.12.14-lp150.12.70 is installed
  • OR kernel-obs-qa-4.12.14-lp150.12.70 is installed
  • OR kernel-source-4.12.14-lp150.12.70 is installed
  • OR kernel-source-vanilla-4.12.14-lp150.12.70 is installed
  • OR kernel-syms-4.12.14-lp150.12.70 is installed
  • OR kernel-vanilla-4.12.14-lp150.12.70 is installed
  • OR kernel-vanilla-base-4.12.14-lp150.12.70 is installed
  • OR kernel-vanilla-devel-4.12.14-lp150.12.70 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnutls-3.6.7-lp151.2.3 is installed
  • OR gnutls-guile-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane0-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXRes1-1.0.7-3 is installed
  • OR libXRes1-32bit-1.0.7-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • xorg-x11-server-7.6_1.18.3-76.26 is installed
  • OR xorg-x11-server-extra-7.6_1.18.3-76.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.62 is installed
  • OR libgcrypt20-1.6.1-16.62 is installed
  • OR libgcrypt20-32bit-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed
  • OR libwebkit2gtk3-lang-2.28.3-2.56 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed
  • OR webkit2gtk3-2.28.3-2.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • xen-4.12.4_12-3.49.1 is installed
  • OR xen-doc-html-4.12.4_12-3.49.1 is installed
  • OR xen-libs-4.12.4_12-3.49.1 is installed
  • OR xen-libs-32bit-4.12.4_12-3.49.1 is installed
  • OR xen-tools-4.12.4_12-3.49.1 is installed
  • OR xen-tools-domU-4.12.4_12-3.49.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • xen-4.12.4_12-3.49.1 is installed
  • OR xen-doc-html-4.12.4_12-3.49.1 is installed
  • OR xen-libs-4.12.4_12-3.49.1 is installed
  • OR xen-libs-32bit-4.12.4_12-3.49.1 is installed
  • OR xen-tools-4.12.4_12-3.49.1 is installed
  • OR xen-tools-domU-4.12.4_12-3.49.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.1-11.30 is installed
    • BACK