Oval Definition:oval:org.opensuse.security:def:85873
Revision Date:2019-10-24Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

Security issues fixed:

- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service (bsc#1149813). - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service (bsc#1146874). - CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU emulator which could have led to execution of arbitrary code with privileges of the QEMU process (bsc#1143797).

Other issue fixed:

- Fixed an issue where libxenlight could not restore domain vsa6535522 on live migration (bsc#1133818).
Family:unixClass:patch
Status:Reference(s):1126140
1126141
1126192
1126195
1126196
1126197
1126198
1126201
1127400
1133818
1143797
1146874
1149813
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091
CVE-2019-12068
CVE-2019-14378
CVE-2019-15890
CVE-2019-17340
CVE-2019-17341
CVE-2019-17342
CVE-2019-17343
CVE-2019-17344
CVE-2019-17345
CVE-2019-17346
CVE-2019-17347
CVE-2019-17348
SUSE-SU-2019:2769-1
Platform(s):SUSE Linux Enterprise Server 12 SP3-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • xen-4.9.4_04-3.56.2 is installed
  • OR xen-doc-html-4.9.4_04-3.56.2 is installed
  • OR xen-libs-4.9.4_04-3.56.2 is installed
  • OR xen-libs-32bit-4.9.4_04-3.56.2 is installed
  • OR xen-tools-4.9.4_04-3.56.2 is installed
  • OR xen-tools-domU-4.9.4_04-3.56.2 is installed
  • BACK