Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2020:2234-1 Important: Xen Patch For Multiple Issues

suse
Calendar Grey August 13, 2020
Dist Suse Esm H88
An important SUSE patch addresses various vulnerabilities in xen impacting OpenStack as well as SAP. Immediate deployment recommended for enhanced security!
An update that fixes 5 vulnerabilities is now available

Summary

This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf() usages - bsc#1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy - bsc#1168140 - CVE-2020-11740, CVE-2020-11741: Multiple xenoprof issues - bsc#1168142 - CVE-2020-11739: Missing memory barriers in read-write unlock paths Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-2234=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2234=1

Topics%20covered

Topics Covered

security advisory type threat important xen SUSE OpenStack Cloud

References

#1163019 #1168140 #1168142 #1169392 #1174543

Cross- CVE-2020-11739 CVE-2020-11740 CVE-2020-11741

CVE-2020-11742 CVE-2020-8608

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2020-11739.html

https://www.suse.com/security/cve/CVE-2020-11740.html

https://www.suse.com/security/cve/CVE-2020-11741.html

https://www.suse.com/security/cve/CVE-2020-11742.html

https://www.suse.com/security/cve/CVE-2020-8608.html

https://bugzilla.suse.com/1163019

https://bugzilla.suse.com/1168140

https://bugzilla.suse.com/1168142

https://bugzilla.suse.com/1169392

https://bugzilla.suse.com/1174543

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2234-1
Rating: important

Topics%20covered

Topics Covered

security advisory type threat important xen SUSE OpenStack Cloud

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here