This update for xen fixes the following issues:

Security issues fixed:

- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).
- CVE-2017-13672: Fixed an out of bounds read access during display update (bsc#1056336).
- Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140)
- Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141).
- CVE-2018-18849: Fixed an out of bounds msg buffer access which could lead to denial of service (bsc#1114423).
- Fixed an issue which could allow a malicious unprivileged guest
#1027519 #1056336 #1105528 #1108940 #1110924
#1111007 #1111011 #1111014 #1112188 #1114423
#1114988 #1115040 #1115045 #1115047 #1117756
#1123157 #1126140 #1126141 #1126192 #1126195
#1126196 #1126198 #1126201 #1127400 #1129623
Cross-References: CVE-2017-13672 CVE-2018-10839 CVE-2018-17958
CVE-2018-17962 CVE-2018-17963 CVE-2018-18438
CVE-2018-18849 CVE-2018-19665 CVE-2018-19961
CVE-2018-19962 CVE-2018-19965 CVE-2018-19966
CVE-2018-19967 CVE-2019-6778 CVE-2019-9824
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
https://www.suse.com/security/cve/CVE-2017-13672.html
https://www.suse.com/security/cve/CVE-2018-10839.html
https://www.suse.com/security/cve/CVE-2018-17958.html
https://www.suse.com/security/cve/CVE-2018-17962.html