SUSE: 2019:0003-1 Important: Critical Xen Denial of Service Update

suse

January 2, 2019

An update that solves 11 vulnerabilities and has one errata is now available

Summary

This update for xen fixes the following issues: - Update to Xen 4.11.1 bug fix release (bsc#1027519) - CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the qemu process resulting in a Denial of Service (DoS). (bsc#1111014) - CVE-2018-18849: Fixed an out of bounds memory access in the LSI53C895A SCSI host bus adapter emulation, which allowed a user and/or process to crash the qemu process resulting in a Denial of Service (DoS). (bsc#1114423) - CVE-2018-18883: Fixed an issue related to inproper restriction of nested VT-x, which allowed a guest to cause Xen to crash, resulting in a Denial of Service (DoS). (XSA-278) (bsc#1114405)

Topics Covered

security advisory software update Denial of Service SUSE Linux xen

References

#1027519 #1108940 #1111014 #1114405 #1114423

#1114988 #1115040 #1115043 #1115044 #1115045

#1115047 #1117756

Cross- CVE-2018-17963 CVE-2018-18849 CVE-2018-18883

CVE-2018-19665 CVE-2018-19961 CVE-2018-19962

CVE-2018-19963 CVE-2018-19964 CVE-2018-19965

CVE-2018-19966 CVE-2018-19967

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2018-17963.html

https://www.suse.com/security/cve/CVE-2018-18849.html

https://www.suse.com/security/cve/CVE-2018-18883.html

https://www.suse.com/security/cve/CVE-2018-19665.html

https://www.suse.com/security/cve/CVE-2018-19961.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:0003-1

Rating: important

Topics Covered

security advisory software update Denial of Service SUSE Linux xen

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0003-1 Important: Critical Xen Denial of Service Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0003-1 Important: Critical Xen Denial of Service Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!