Oval Definition:	oval:org.opensuse.security:def:64079
Revision Date: 2020-12-01 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following issues: - CVE-2020-25602: Fixed an issue where there was a crash when handling guest access to MSR_MISC_ENABLE was thrown (bsc#1176339,XSA-333) - CVE-2020-25598: Added a missing unlock in XENMEM_acquire_resource error path (bsc#1176341,XSA-334) - CVE-2020-25604: Fixed a race condition when migrating timers between x86 HVM vCPU-s (bsc#1176343,XSA-336) - CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337) - CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338) - CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339) - CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340) - CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342) - CVE-2020-25599: Fixed race conditions with evtchn_reset() (bsc#1176349,XSA-343) - CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344) - CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534). - Various bug fixes (bsc#1027519) Family: unix Class: patch Status: Reference(s): 1027519 1111331 1137595 1138872 1144656 1144675 1173018 1173376 1173377 1173378 1173380 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1175534 1176086 1176181 1176339 1176343 1176344 1176345 1176346 1176347 1176348 1176349 1176350 1176671 1177409 1177412 1177413 1177414 CVE-2017-18922 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-21247 CVE-2019-11091 CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-11707 CVE-2019-11708 CVE-2019-13104 CVE-2019-13106 CVE-2019-20839 CVE-2019-20840 CVE-2020-14147 CVE-2020-14364 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-24659 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604 CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27673 openSUSE-SU-2019:1606-1 openSUSE-SU-2019:1806-1 openSUSE-SU-2019:2233-1 openSUSE-SU-2020:1035-1 openSUSE-SU-2020:1056-1 openSUSE-SU-2020:1724-1 SUSE-SU-2020:1891-1 SUSE-SU-2020:3088-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information LibVNCServer-0.9.10-lp152.9.4 is installed OR LibVNCServer-devel-0.9.10-lp152.9.4 is installed OR libvncclient0-0.9.10-lp152.9.4 is installed OR libvncserver0-0.9.10-lp152.9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information xen-4.11.4_08-2.36 is installed OR xen-doc-html-4.11.4_08-2.36 is installed OR xen-libs-4.11.4_08-2.36 is installed OR xen-libs-32bit-4.11.4_08-2.36 is installed OR xen-tools-4.11.4_08-2.36 is installed OR xen-tools-domU-4.11.4_08-2.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information xen-4.11.4_10-2.39 is installed OR xen-doc-html-4.11.4_10-2.39 is installed OR xen-libs-4.11.4_10-2.39 is installed OR xen-libs-32bit-4.11.4_10-2.39 is installed OR xen-tools-4.11.4_10-2.39 is installed OR xen-tools-domU-4.11.4_10-2.39 is installed
BACK