
SUSE: 2020:1630-1 Important: Xen Denial Of Service And Escalation Issues

June 16, 2020
Critical SUSE patch for xen rectifies numerous security flaws and vulnerabilities impacting a range of products.
An update that fixes 12 vulnerabilities is now available

Summary

This update for xen fixes the following issues:

- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or "CrossTalk" (bsc#1172205).
- CVE-2020-11742: Bad continuation handling in GNTTABOP_copy (bsc#1169392).
- CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues (bsc#1168140).
- CVE-2020-11739: Missing memory barriers in read-write unlock paths (bsc#1168142).
- CVE-2019-19583: Fixed improper checks which could have allowed HVM/PVH guest userspace code to crash the guest, leading to a guest denial of service (bsc#1158004 XSA-308).
- CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm

References

#1157888 #1158003 #1158004 #1158005 #1158006

#1158007 #1161181 #1167152 #1168140 #1168142

#1169392 #1172205

Cross- CVE-2019-19577 CVE-2019-19578 CVE-2019-19579

CVE-2019-19580 CVE-2019-19581 CVE-2019-19583

CVE-2020-0543 CVE-2020-11739 CVE-2020-11740

CVE-2020-11741 CVE-2020-11742 CVE-2020-7211

Affected Products:

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 8

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Enterprise Storage 5

HPE Helion Openstack 8

https://www.suse.com/security/cve/CVE-2019-19577.html

https://www.suse.com/security/cve/CVE-2019-19578.html

https://www.suse.com/security/cve/CVE-2019-19579.html

https://www.suse.com...


Severity: important

Announcement ID: SUSE-SU-2020:1630-1
Rating: important
