Oval Definition:oval:org.opensuse.security:def:79413
Revision Date:2018-05-29Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

Security issues fixed:

- CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1092631)

This feature can be controlled by the 'ssbd=on/off' commandline flag for the XEN hypervisor.
- CVE-2018-10982: x86 vHPET interrupt injection errors (XSA-261 bsc#1090822)
- CVE-2018-10981: qemu may drive Xen into unbounded loop (XSA-262 bsc#1090823)

Other bugfixes:

- Upstream patches from Jan (bsc#1027519)
- additional fixes related to Page Table Isolation (XPTI). (bsc#1074562 XSA-254)
- qemu-system-i386 cannot handle more than 4 HW NICs (bsc#1090296)
Family:unixClass:patch
Status:Reference(s):1027519
1074562
1090296
1090822
1090823
1092631
CVE-2018-10981
CVE-2018-10982
CVE-2018-3639
SUSE-SU-2018:1456-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • xen-4.9.2_06-3.32.1 is installed
  • OR xen-libs-4.9.2_06-3.32.1 is installed
  • OR xen-libs-32bit-4.9.2_06-3.32.1 is installed
    • BACK