Oval Definition:oval:org.opensuse.security:def:64568
Revision Date:2021-09-02Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

Update to Xen 4.13.3 general bug fix release (bsc#1027519).

Security issues fixed:

- CVE-2021-28693: xen/arm: Boot modules are not scrubbed (bsc#1186428) - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429) - CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433) - CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434) - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373). - CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379)(bsc#1189376). - CVE-2021-28698: long running loops in grant table handling (XSA-380)(bsc#1189378). - CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382)(bsc#1189380). - CVE-2021-28700: No memory limit for dom0less domUs (XSA-383)(bsc#1189381).

Other issues fixed:

- Fixed 'Panic on CPU 0: IO-APIC + timer doesn't work!' (bsc#1180491) - Fixed an issue with xencommons, where file format expecations by fillup did not allign (bsc#1185682) - Fixed shell macro expansion in the spec file, so that ExecStart= in xendomains-wait-disks.service is created correctly (bsc#1183877) - Upstream bug fixes (bsc#1027519) - Fixed Xen SLES11SP4 guest hangs on cluster (bsc#1188050). - xl monitoring process exits during xl save -p|-c keep the monitoring process running to cleanup the domU during shutdown (bsc#1176189). - Dom0 hangs when pinning CPUs for dom0 with HVM guest (bsc#1179246). - Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882).
Family:unixClass:patch
Status:Reference(s):1027519
1137251
1141844
1159861
1160369
1161194
1162687
1162689
1162691
1167465
1168421
1168911
1172225
1172356
1174157
1174543
1176189
1179148
1179246
1180491
1181989
1183877
1185682
1186428
1186429
1186433
1186434
1188050
1189373
1189376
1189378
1189380
1189381
1189882
CVE-2006-4484
CVE-2017-8374
CVE-2019-12528
CVE-2019-13616
CVE-2019-19948
CVE-2019-19949
CVE-2019-20807
CVE-2020-14556
CVE-2020-14562
CVE-2020-14573
CVE-2020-14577
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-6423
CVE-2020-6430
CVE-2020-6431
CVE-2020-6432
CVE-2020-6433
CVE-2020-6434
CVE-2020-6435
CVE-2020-6436
CVE-2020-6437
CVE-2020-6438
CVE-2020-6439
CVE-2020-6440
CVE-2020-6441
CVE-2020-6442
CVE-2020-6443
CVE-2020-6444
CVE-2020-6445
CVE-2020-6446
CVE-2020-6447
CVE-2020-6448
CVE-2020-6450
CVE-2020-6451
CVE-2020-6452
CVE-2020-6454
CVE-2020-6455
CVE-2020-6456
CVE-2020-8449
CVE-2020-8450
CVE-2020-8517
CVE-2021-0089
CVE-2021-28690
CVE-2021-28692
CVE-2021-28693
CVE-2021-28694
CVE-2021-28695
CVE-2021-28696
CVE-2021-28697
CVE-2021-28698
CVE-2021-28699
CVE-2021-28700
openSUSE-SU-2020:0170-1
openSUSE-SU-2020:0307-1
openSUSE-SU-2020:0519-1
openSUSE-SU-2020:0794-1
openSUSE-SU-2020:1190-1
openSUSE-SU-2020:1191-1
SUSE-SU-2021:2922-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • xen-4.13.1_06-lp152.2.6 is installed
  • OR xen-devel-4.13.1_06-lp152.2.6 is installed
  • OR xen-doc-html-4.13.1_06-lp152.2.6 is installed
  • OR xen-libs-4.13.1_06-lp152.2.6 is installed
  • OR xen-libs-32bit-4.13.1_06-lp152.2.6 is installed
  • OR xen-tools-4.13.1_06-lp152.2.6 is installed
  • OR xen-tools-domU-4.13.1_06-lp152.2.6 is installed
  • OR xen-tools-xendomains-wait-disk-4.13.1_06-lp152.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-config-7-upstream-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-devel-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-devel-32bit-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-doc-7.0.7.34-lp151.7.15 is installed
  • OR ImageMagick-extra-7.0.7.34-lp151.7.15 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.15 is installed
  • OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.15 is installed
  • OR libMagick++-devel-7.0.7.34-lp151.7.15 is installed
  • OR libMagick++-devel-32bit-7.0.7.34-lp151.7.15 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.15 is installed
  • OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.15 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.15 is installed
  • OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.15 is installed
  • OR perl-PerlMagick-7.0.7.34-lp151.7.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • libmad-devel-0.15.1b-3 is installed
  • OR libmad0-0.15.1b-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND perl-Tk-devel-804.034-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • xen-libs-4.13.3_02-3.34.1 is installed
  • OR xen-tools-domU-4.13.3_02-3.34.1 is installed
    • BACK