SUSE: 2018:1981-1 Important: Xen Critical Issues and Fixes

suse

July 17, 2018

An update that solves four vulnerabilities and has four fixes is now available

Summary

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emulated SCSI disks (XSA-266) (bsc#1097523). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). Bug fixes: - bsc#1027519: Add upstream patches from January. - bsc#1098403: Fix regression introduced by changes for bsc#1079730. A PV domU without qcow2 and/or vfb has no qemu attached. Ignore QMP errors for PV domUs to handle PV domUs with and without an attached qemu-xen. - bsc#1087289: Fix xen scheduler crash. Patch Instructions:

Topics Covered

security advisory DoS important security issues xen SUSE Linux Enterprise

References

#1027519 #1079730 #1087289 #1095242 #1097521

#1097522 #1097523 #1098403

Cross- CVE-2018-12891 CVE-2018-12892 CVE-2018-12893

CVE-2018-3665

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2018-12891.html

https://www.suse.com/security/cve/CVE-2018-12892.html

https://www.suse.com/security/cve/CVE-2018-12893.html

https://www.suse.com/security/cve/CVE-2018-3665.html

https://bugzilla.suse.com/1027519

https://bugzilla.suse.com/1079730

https://bugzilla.suse.com/1087289

https://bugzilla.suse.com/1095242

https://bugzilla.suse.com/1097521

https://bugzilla.suse.com/1097522

https://bugzilla.suse.com/1097523

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:1981-1

Rating: important

Topics Covered

security advisory DoS important security issues xen SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1981-1 Important: Xen Critical Issues and Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1981-1 Important: Xen Critical Issues and Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!