Oval Definition:oval:org.opensuse.security:def:80740
Revision Date:2019-05-28Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates.

The mitigation can be controlled via the 'mds' commandline option, see the documentation.

For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736

Other fixes:

- CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680). - Fixed an issue with live migration when spectre is enabled on xen boot cmdline (bsc#1116380). - Fixed an issue with live migration (bsc#1133818). - Added upstream bug fix (bsc#1027519).
Family:unixClass:patch
Status:Reference(s):1027519
1111331
1116380
1130680
1133818
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-20815
CVE-2019-11091
SUSE-SU-2019:1371-1
Platform(s):SUSE OpenStack Cloud 7
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.6_06-43.51.1 is installed
  • OR xen-doc-html-4.7.6_06-43.51.1 is installed
  • OR xen-libs-4.7.6_06-43.51.1 is installed
  • OR xen-libs-32bit-4.7.6_06-43.51.1 is installed
  • OR xen-tools-4.7.6_06-43.51.1 is installed
  • OR xen-tools-domU-4.7.6_06-43.51.1 is installed
    • BACK