   SUSE Security Update: Security update for libvirt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:1614-1
Rating:             important
References:         #1092885 
Cross-References:   CVE-2018-3639
Affected Products:
                    SUSE OpenStack Cloud 7
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP2-LTSS
                    SUSE Enterprise Storage 4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for libvirt fixes the following issues:

   - CVE-2018-3639: cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature
     bits pass through (bsc#1092885)


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1100=1

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1100=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1100=1

   - SUSE Enterprise Storage 4:

      zypper in -t patch SUSE-Storage-4-2018-1100=1



Package List:

   - SUSE OpenStack Cloud 7 (s390x x86_64):

      libvirt-2.0.0-27.42.1
      libvirt-client-2.0.0-27.42.1
      libvirt-client-debuginfo-2.0.0-27.42.1
      libvirt-daemon-2.0.0-27.42.1
      libvirt-daemon-config-network-2.0.0-27.42.1
      libvirt-daemon-config-nwfilter-2.0.0-27.42.1
      libvirt-daemon-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-interface-2.0.0-27.42.1
      libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-network-2.0.0-27.42.1
      libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-secret-2.0.0-27.42.1
      libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-storage-2.0.0-27.42.1
      libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1
      libvirt-daemon-hooks-2.0.0-27.42.1
      libvirt-daemon-lxc-2.0.0-27.42.1
      libvirt-daemon-qemu-2.0.0-27.42.1
      libvirt-debugsource-2.0.0-27.42.1
      libvirt-doc-2.0.0-27.42.1
      libvirt-lock-sanlock-2.0.0-27.42.1
      libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1
      libvirt-nss-2.0.0-27.42.1
      libvirt-nss-debuginfo-2.0.0-27.42.1

   - SUSE OpenStack Cloud 7 (x86_64):

      libvirt-daemon-driver-libxl-2.0.0-27.42.1
      libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1
      libvirt-daemon-xen-2.0.0-27.42.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):

      libvirt-2.0.0-27.42.1
      libvirt-client-2.0.0-27.42.1
      libvirt-client-debuginfo-2.0.0-27.42.1
      libvirt-daemon-2.0.0-27.42.1
      libvirt-daemon-config-network-2.0.0-27.42.1
      libvirt-daemon-config-nwfilter-2.0.0-27.42.1
      libvirt-daemon-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-interface-2.0.0-27.42.1
      libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-network-2.0.0-27.42.1
      libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-secret-2.0.0-27.42.1
      libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-storage-2.0.0-27.42.1
      libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1
      libvirt-daemon-hooks-2.0.0-27.42.1
      libvirt-daemon-lxc-2.0.0-27.42.1
      libvirt-daemon-qemu-2.0.0-27.42.1
      libvirt-debugsource-2.0.0-27.42.1
      libvirt-doc-2.0.0-27.42.1
      libvirt-lock-sanlock-2.0.0-27.42.1
      libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1
      libvirt-nss-2.0.0-27.42.1
      libvirt-nss-debuginfo-2.0.0-27.42.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):

      libvirt-daemon-driver-libxl-2.0.0-27.42.1
      libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1
      libvirt-daemon-xen-2.0.0-27.42.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):

      libvirt-2.0.0-27.42.1
      libvirt-client-2.0.0-27.42.1
      libvirt-client-debuginfo-2.0.0-27.42.1
      libvirt-daemon-2.0.0-27.42.1
      libvirt-daemon-config-network-2.0.0-27.42.1
      libvirt-daemon-config-nwfilter-2.0.0-27.42.1
      libvirt-daemon-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-interface-2.0.0-27.42.1
      libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-network-2.0.0-27.42.1
      libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-secret-2.0.0-27.42.1
      libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-storage-2.0.0-27.42.1
      libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1
      libvirt-daemon-hooks-2.0.0-27.42.1
      libvirt-daemon-lxc-2.0.0-27.42.1
      libvirt-daemon-qemu-2.0.0-27.42.1
      libvirt-debugsource-2.0.0-27.42.1
      libvirt-doc-2.0.0-27.42.1
      libvirt-lock-sanlock-2.0.0-27.42.1
      libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1
      libvirt-nss-2.0.0-27.42.1
      libvirt-nss-debuginfo-2.0.0-27.42.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):

      libvirt-daemon-driver-libxl-2.0.0-27.42.1
      libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1
      libvirt-daemon-xen-2.0.0-27.42.1

   - SUSE Enterprise Storage 4 (x86_64):

      libvirt-2.0.0-27.42.1
      libvirt-client-2.0.0-27.42.1
      libvirt-client-debuginfo-2.0.0-27.42.1
      libvirt-daemon-2.0.0-27.42.1
      libvirt-daemon-config-network-2.0.0-27.42.1
      libvirt-daemon-config-nwfilter-2.0.0-27.42.1
      libvirt-daemon-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-interface-2.0.0-27.42.1
      libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-libxl-2.0.0-27.42.1
      libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-2.0.0-27.42.1
      libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-network-2.0.0-27.42.1
      libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-2.0.0-27.42.1
      libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-2.0.0-27.42.1
      libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-2.0.0-27.42.1
      libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-secret-2.0.0-27.42.1
      libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1
      libvirt-daemon-driver-storage-2.0.0-27.42.1
      libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1
      libvirt-daemon-hooks-2.0.0-27.42.1
      libvirt-daemon-lxc-2.0.0-27.42.1
      libvirt-daemon-qemu-2.0.0-27.42.1
      libvirt-daemon-xen-2.0.0-27.42.1
      libvirt-debugsource-2.0.0-27.42.1
      libvirt-doc-2.0.0-27.42.1
      libvirt-lock-sanlock-2.0.0-27.42.1
      libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1
      libvirt-nss-2.0.0-27.42.1
      libvirt-nss-debuginfo-2.0.0-27.42.1


References:

   https://www.suse.com/security/cve/CVE-2018-3639.html
   https://bugzilla.suse.com/1092885

SUSE: 2018:1614-1 important: libvirt

June 8, 2018

An update that fixes one vulnerability is now available

Summary

This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through (bsc#1092885) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1100=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1100=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1100=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-1100=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): libvirt-2.0.0-27.42.1 libvirt-client-2.0.0-27.42.1 libvirt-client-debuginfo-2.0.0-27.42.1 libvirt-daemon-2.0.0-27.42.1 libvirt-daemon-config-network-2.0.0-27.42.1 libvirt-daemon-config-nwfilter-2.0.0-27.42.1 libvirt-daemon-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-interface-2.0.0-27.42.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-lxc-2.0.0-27.42.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-network-2.0.0-27.42.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-qemu-2.0.0-27.42.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-secret-2.0.0-27.42.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-storage-2.0.0-27.42.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1 libvirt-daemon-hooks-2.0.0-27.42.1 libvirt-daemon-lxc-2.0.0-27.42.1 libvirt-daemon-qemu-2.0.0-27.42.1 libvirt-debugsource-2.0.0-27.42.1 libvirt-doc-2.0.0-27.42.1 libvirt-lock-sanlock-2.0.0-27.42.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1 libvirt-nss-2.0.0-27.42.1 libvirt-nss-debuginfo-2.0.0-27.42.1 - SUSE OpenStack Cloud 7 (x86_64): libvirt-daemon-driver-libxl-2.0.0-27.42.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1 libvirt-daemon-xen-2.0.0-27.42.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libvirt-2.0.0-27.42.1 libvirt-client-2.0.0-27.42.1 libvirt-client-debuginfo-2.0.0-27.42.1 libvirt-daemon-2.0.0-27.42.1 libvirt-daemon-config-network-2.0.0-27.42.1 libvirt-daemon-config-nwfilter-2.0.0-27.42.1 libvirt-daemon-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-interface-2.0.0-27.42.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-lxc-2.0.0-27.42.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-network-2.0.0-27.42.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-qemu-2.0.0-27.42.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-secret-2.0.0-27.42.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-storage-2.0.0-27.42.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1 libvirt-daemon-hooks-2.0.0-27.42.1 libvirt-daemon-lxc-2.0.0-27.42.1 libvirt-daemon-qemu-2.0.0-27.42.1 libvirt-debugsource-2.0.0-27.42.1 libvirt-doc-2.0.0-27.42.1 libvirt-lock-sanlock-2.0.0-27.42.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1 libvirt-nss-2.0.0-27.42.1 libvirt-nss-debuginfo-2.0.0-27.42.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libvirt-daemon-driver-libxl-2.0.0-27.42.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1 libvirt-daemon-xen-2.0.0-27.42.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libvirt-2.0.0-27.42.1 libvirt-client-2.0.0-27.42.1 libvirt-client-debuginfo-2.0.0-27.42.1 libvirt-daemon-2.0.0-27.42.1 libvirt-daemon-config-network-2.0.0-27.42.1 libvirt-daemon-config-nwfilter-2.0.0-27.42.1 libvirt-daemon-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-interface-2.0.0-27.42.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-lxc-2.0.0-27.42.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-network-2.0.0-27.42.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-qemu-2.0.0-27.42.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-secret-2.0.0-27.42.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-storage-2.0.0-27.42.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1 libvirt-daemon-hooks-2.0.0-27.42.1 libvirt-daemon-lxc-2.0.0-27.42.1 libvirt-daemon-qemu-2.0.0-27.42.1 libvirt-debugsource-2.0.0-27.42.1 libvirt-doc-2.0.0-27.42.1 libvirt-lock-sanlock-2.0.0-27.42.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1 libvirt-nss-2.0.0-27.42.1 libvirt-nss-debuginfo-2.0.0-27.42.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64): libvirt-daemon-driver-libxl-2.0.0-27.42.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1 libvirt-daemon-xen-2.0.0-27.42.1 - SUSE Enterprise Storage 4 (x86_64): libvirt-2.0.0-27.42.1 libvirt-client-2.0.0-27.42.1 libvirt-client-debuginfo-2.0.0-27.42.1 libvirt-daemon-2.0.0-27.42.1 libvirt-daemon-config-network-2.0.0-27.42.1 libvirt-daemon-config-nwfilter-2.0.0-27.42.1 libvirt-daemon-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-interface-2.0.0-27.42.1 libvirt-daemon-driver-interface-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-libxl-2.0.0-27.42.1 libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-lxc-2.0.0-27.42.1 libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-network-2.0.0-27.42.1 libvirt-daemon-driver-network-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-2.0.0-27.42.1 libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-2.0.0-27.42.1 libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-qemu-2.0.0-27.42.1 libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-secret-2.0.0-27.42.1 libvirt-daemon-driver-secret-debuginfo-2.0.0-27.42.1 libvirt-daemon-driver-storage-2.0.0-27.42.1 libvirt-daemon-driver-storage-debuginfo-2.0.0-27.42.1 libvirt-daemon-hooks-2.0.0-27.42.1 libvirt-daemon-lxc-2.0.0-27.42.1 libvirt-daemon-qemu-2.0.0-27.42.1 libvirt-daemon-xen-2.0.0-27.42.1 libvirt-debugsource-2.0.0-27.42.1 libvirt-doc-2.0.0-27.42.1 libvirt-lock-sanlock-2.0.0-27.42.1 libvirt-lock-sanlock-debuginfo-2.0.0-27.42.1 libvirt-nss-2.0.0-27.42.1 libvirt-nss-debuginfo-2.0.0-27.42.1

References

#1092885

Cross- CVE-2018-3639

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Enterprise Storage 4

https://www.suse.com/security/cve/CVE-2018-3639.html

https://bugzilla.suse.com/1092885

Severity

Announcement ID: SUSE-SU-2018:1614-1

Rating: important

What Are You Looking For?

SUSE: 2018:1614-1 important: libvirt

Summary

References

Kubernetes Security on AWS: A Practical Guide

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

About Us

Powered By

What Are You Looking For?

SUSE: 2018:1614-1 important: libvirt

Summary

References

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By