What Are You Looking For?

Sign Up

   SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:1633-1
Rating:             important
References:         #1027519 #1168178 #1172205 
Cross-References:   CVE-2020-0543
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:

   This update for xen fixes the following issues:

   - CVE-2020-0543: Fixed a side channel attack against special registers     which could have resulted in leaking of read values to cores other than
     the one which called it. This attack is known as Special Register Buffer
     Data Sampling (SRBDS) or "CrossTalk" (bsc#1172205).
   - Fixed an issue with efi boot when  nvidia optimus or newer graphic cards
     are used (bsc#1168178).d


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1633=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1633=1



Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64):

      xen-debugsource-4.12.3_02-3.14.1
      xen-devel-4.12.3_02-3.14.1

   - SUSE Linux Enterprise Server 12-SP5 (x86_64):

      xen-4.12.3_02-3.14.1
      xen-debugsource-4.12.3_02-3.14.1
      xen-doc-html-4.12.3_02-3.14.1
      xen-libs-32bit-4.12.3_02-3.14.1
      xen-libs-4.12.3_02-3.14.1
      xen-libs-debuginfo-32bit-4.12.3_02-3.14.1
      xen-libs-debuginfo-4.12.3_02-3.14.1
      xen-tools-4.12.3_02-3.14.1
      xen-tools-debuginfo-4.12.3_02-3.14.1
      xen-tools-domU-4.12.3_02-3.14.1
      xen-tools-domU-debuginfo-4.12.3_02-3.14.1


References:

   https://www.suse.com/security/cve/CVE-2020-0543.html
   https://bugzilla.suse.com/1027519
   https://bugzilla.suse.com/1168178
   https://bugzilla.suse.com/1172205

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
https://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2020:1633-1 important: xen

June 17, 2020
An update that solves one vulnerability and has two fixes is now available

Summary

This update for xen fixes the following issues: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or "CrossTalk" (bsc#1172205). - Fixed an issue with efi boot when nvidia optimus or newer graphic cards are used (bsc#1168178).d Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1633=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1633=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64): xen-debugsource-4.12.3_02-3.14.1 xen-devel-4.12.3_02-3.14.1 - SUSE Linux Enterprise Server 12-SP5 (x86_64): xen-4.12.3_02-3.14.1 xen-debugsource-4.12.3_02-3.14.1 xen-doc-html-4.12.3_02-3.14.1 xen-libs-32bit-4.12.3_02-3.14.1 xen-libs-4.12.3_02-3.14.1 xen-libs-debuginfo-32bit-4.12.3_02-3.14.1 xen-libs-debuginfo-4.12.3_02-3.14.1 xen-tools-4.12.3_02-3.14.1 xen-tools-debuginfo-4.12.3_02-3.14.1 xen-tools-domU-4.12.3_02-3.14.1 xen-tools-domU-debuginfo-4.12.3_02-3.14.1

References

#1027519 #1168178 #1172205

Cross- CVE-2020-0543

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2020-0543.html

https://bugzilla.suse.com/1027519

https://bugzilla.suse.com/1168178

https://bugzilla.suse.com/1172205

Severity
Announcement ID: SUSE-SU-2020:1633-1
Rating: important

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo