Oval Definition:oval:org.opensuse.security:def:79708
Revision Date:2019-10-23Version:1
Title:Security update for xen (Important)
Description:

This update for xen to version 4.11.2 fixes the following issues:

Security issues fixed:

- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service (bsc#1149813). - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service (bsc#1146874). - CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU emulator which could have led to execution of arbitrary code with privileges of the QEMU process (bsc#1143797).

Other issues fixed:

- Fixed an HPS bug which did not allow to install Windows Server 2016 with 2 CPUs setting or above (bsc#1137717). - Fixed a segmentation fault in Libvrtd during live migration to a VM (bsc#1145774). - Fixed an issue where libxenlight could not create new domain (bsc#1131811). - Fixed an issue where attached pci devices were lost after reboot (bsc#1129642). - Fixed an issue where Xen could not pre-allocate 1 shadow page (bsc#1145240).
Family:unixClass:patch
Status:Reference(s):1027519
1111331
1126140
1126141
1126192
1126195
1126196
1126197
1126198
1126201
1127400
1129642
1131811
1137717
1138294
1143797
1145240
1145774
1146874
1149813
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091
CVE-2019-12068
CVE-2019-14378
CVE-2019-15890
CVE-2019-17340
CVE-2019-17341
CVE-2019-17342
CVE-2019-17343
CVE-2019-17344
CVE-2019-17345
CVE-2019-17346
CVE-2019-17347
CVE-2019-17348
SUSE-SU-2019:2753-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • xen-4.11.2_02-2.14.2 is installed
  • OR xen-libs-4.11.2_02-2.14.2 is installed
  • OR xen-libs-32bit-4.11.2_02-2.14.2 is installed
    • BACK