SUSE: 2018:0472-1 Important: Xen DoS Update for DoS Protection

suse

February 19, 2018

An update that solves 10 vulnerabilities and has two fixes is now available.

Summary

This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka "Spectre" and "Meltdown" attacks (bsc#1074562, bsc#1068032) - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect

Topics Covered

security advisory software update important fixes xen SUSE Linux Enterprise doS protection

References

#1027519 #1035442 #1051729 #1061081 #1068032

#1070158 #1070159 #1070160 #1070163 #1074562

#1076116 #1076180

Cross- CVE-2017-15595 CVE-2017-17563 CVE-2017-17564

CVE-2017-17565 CVE-2017-17566 CVE-2017-18030

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754

CVE-2018-5683

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Desktop 12-SP2

https://www.suse.com/security/cve/CVE-2017-15595.html

https://www.suse.com/security/cve/CVE-2017-17563.html

https://www.suse.com/security/cve/CVE-2017-17564.html

https://www.suse.com/security/cve/CVE-2017-17565.html

https://www.suse.com/security/cve/CVE-2017-17566.html

https://www.suse.com/security/cve/CVE-2017-18030.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:0472-1

Rating: important

Topics Covered

security advisory software update important fixes xen SUSE Linux Enterprise doS protection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:0472-1 Important: Xen DoS Update for DoS Protection

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:0472-1 Important: Xen DoS Update for DoS Protection

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!