Linux Security

    SUSE: 2020:2822-1 important: xen

    An update that fixes 12 vulnerabilities is now available.
    
       SUSE Security Update: Security update for xen
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:2822-1
    Rating:             important
    References:         #1172205 #1173378 #1173380 #1175534 #1176343 
                        #1176344 #1176345 #1176346 #1176347 #1176348 
                        #1176349 #1176350 
    Cross-References:   CVE-2020-0543 CVE-2020-14364 CVE-2020-15565
                        CVE-2020-15567 CVE-2020-25595 CVE-2020-25596
                        CVE-2020-25597 CVE-2020-25599 CVE-2020-25600
                        CVE-2020-25601 CVE-2020-25603 CVE-2020-25604
                       
    Affected Products:
                        SUSE OpenStack Cloud 7
                        SUSE Linux Enterprise Server for SAP 12-SP2
                        SUSE Linux Enterprise Server 12-SP2-LTSS
                        SUSE Linux Enterprise Server 12-SP2-BCL
    ______________________________________________________________________________
    
       An update that fixes 12 vulnerabilities is now available.
    
    Description:
    
       This update for xen fixes the following issues:
    
       - CVE-2020-25604: Fixed a race condition when migrating timers between x86
         HVM vCPUs (bsc#1176343,XSA-336)
       - CVE-2020-25595: Fixed an issue where PCI passthrough code was reading
         back hardware registers (bsc#1176344,XSA-337)
       - CVE-2020-25597: Fixed an issue where valid event channels may not turn
         invalid (bsc#1176346,XSA-338)
       - CVE-2020-25596: Fixed a potential denial of service in x86 PV guest
         kernel via SYSENTER (bsc#1176345,XSA-339)
       - CVE-2020-25603: Fixed an issue due to missing barriers when
         accessing/allocating an event channel (bsc#1176347,XSA-340)
       - CVE-2020-25600: Fixed out of bounds event channels available to 32-bit
         x86 domains (bsc#1176348,XSA-342)
       - CVE-2020-25599: Fixed race conditions with evtchn_reset()
         (bsc#1176349,XSA-343)
       - CVE-2020-25601: Fixed an issue due to lack of preemption in
         evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)
       - CVE-2020-14364: Fixed an out-of-bounds read/write access while
         processing USB packets (bsc#1175534).
       - CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling
         (SRBDS) aka "CrossTalk" (bsc#1172205,XSA-320)
       - CVE-2020-15565: Fixed a cache write issue (bsc#1173378,XSA-321).
       - CVE-2020-15567: Fixed an issue with non-atomic modification of live EPT
         PTE (bsc#1173380,XSA-328)
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE OpenStack Cloud 7:
    
          zypper in -t patch SUSE-OpenStack-Cloud-7-2020-2822=1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2:
    
          zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2822=1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS:
    
          zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2822=1
    
       - SUSE Linux Enterprise Server 12-SP2-BCL:
    
          zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2822=1
    
    
    
    Package List:
    
       - SUSE OpenStack Cloud 7 (x86_64):
    
          xen-4.7.6_10-43.67.1
          xen-debugsource-4.7.6_10-43.67.1
          xen-doc-html-4.7.6_10-43.67.1
          xen-libs-32bit-4.7.6_10-43.67.1
          xen-libs-4.7.6_10-43.67.1
          xen-libs-debuginfo-32bit-4.7.6_10-43.67.1
          xen-libs-debuginfo-4.7.6_10-43.67.1
          xen-tools-4.7.6_10-43.67.1
          xen-tools-debuginfo-4.7.6_10-43.67.1
          xen-tools-domU-4.7.6_10-43.67.1
          xen-tools-domU-debuginfo-4.7.6_10-43.67.1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
    
          xen-4.7.6_10-43.67.1
          xen-debugsource-4.7.6_10-43.67.1
          xen-doc-html-4.7.6_10-43.67.1
          xen-libs-32bit-4.7.6_10-43.67.1
          xen-libs-4.7.6_10-43.67.1
          xen-libs-debuginfo-32bit-4.7.6_10-43.67.1
          xen-libs-debuginfo-4.7.6_10-43.67.1
          xen-tools-4.7.6_10-43.67.1
          xen-tools-debuginfo-4.7.6_10-43.67.1
          xen-tools-domU-4.7.6_10-43.67.1
          xen-tools-domU-debuginfo-4.7.6_10-43.67.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
    
          xen-4.7.6_10-43.67.1
          xen-debugsource-4.7.6_10-43.67.1
          xen-doc-html-4.7.6_10-43.67.1
          xen-libs-32bit-4.7.6_10-43.67.1
          xen-libs-4.7.6_10-43.67.1
          xen-libs-debuginfo-32bit-4.7.6_10-43.67.1
          xen-libs-debuginfo-4.7.6_10-43.67.1
          xen-tools-4.7.6_10-43.67.1
          xen-tools-debuginfo-4.7.6_10-43.67.1
          xen-tools-domU-4.7.6_10-43.67.1
          xen-tools-domU-debuginfo-4.7.6_10-43.67.1
    
       - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
    
          xen-4.7.6_10-43.67.1
          xen-debugsource-4.7.6_10-43.67.1
          xen-doc-html-4.7.6_10-43.67.1
          xen-libs-32bit-4.7.6_10-43.67.1
          xen-libs-4.7.6_10-43.67.1
          xen-libs-debuginfo-32bit-4.7.6_10-43.67.1
          xen-libs-debuginfo-4.7.6_10-43.67.1
          xen-tools-4.7.6_10-43.67.1
          xen-tools-debuginfo-4.7.6_10-43.67.1
          xen-tools-domU-4.7.6_10-43.67.1
          xen-tools-domU-debuginfo-4.7.6_10-43.67.1
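
One way to check a host against the package list above, as an added example that is not part of the SUSE advisory: it reads `NAME VERSION-RELEASE` lines and reports xen packages older than the fixed 4.7.6_10-43.67.1. The function names, the sample data and the simplified numeric-field comparison (not full rpm version ordering) are assumptions of this example.

```shell
#!/bin/sh
# Fixed version-release, taken from the advisory's package list.
FIXED="4.7.6_10-43.67.1"

# ver_lt A B: succeed if version-release A is older than B.
# Assumption: comparing the numeric fields left to right is enough for the
# xen version scheme shown in the advisory; this is not full rpmvercmp.
ver_lt() {
    a=$(printf '%s' "$1" | tr -c '0-9' ' ')
    b=$(printf '%s' "$2" | tr -c '0-9' ' ')
    set -- $a                      # numeric fields of A as positional params
    for y in $b; do
        x=${1:-0}                  # a missing field in A counts as 0
        [ $# -gt 0 ] && shift
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1                       # equal, or A has extra fields: not older
}

# unpatched_xen: read "NAME VERSION-RELEASE" lines on stdin and print every
# xen package that is older than $FIXED. Non-xen packages are ignored.
unpatched_xen() {
    while read -r name vr; do
        case $name in
            xen|xen-*) ;;
            *) continue ;;
        esac
        if ver_lt "$vr" "$FIXED"; then
            printf '%s %s\n' "$name" "$vr"
        fi
    done
}

# Constructed sample input (not from a real host): one xen package still at
# an older release, two at the fixed release, one unrelated package.
SAMPLE='xen 4.7.6_10-43.64.1
xen-libs 4.7.6_10-43.67.1
xen-tools 4.7.6_10-43.67.1
kernel-default 4.4.121-92.141.1'

printf '%s\n' "$SAMPLE" | unpatched_xen

# On an affected host, feed it the installed packages instead:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'xen*' | unpatched_xen
```

Empty output means every installed xen package is at or above the fixed release.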
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2020-0543.html
       https://www.suse.com/security/cve/CVE-2020-14364.html
       https://www.suse.com/security/cve/CVE-2020-15565.html
       https://www.suse.com/security/cve/CVE-2020-15567.html
       https://www.suse.com/security/cve/CVE-2020-25595.html
       https://www.suse.com/security/cve/CVE-2020-25596.html
       https://www.suse.com/security/cve/CVE-2020-25597.html
       https://www.suse.com/security/cve/CVE-2020-25599.html
       https://www.suse.com/security/cve/CVE-2020-25600.html
       https://www.suse.com/security/cve/CVE-2020-25601.html
       https://www.suse.com/security/cve/CVE-2020-25603.html
       https://www.suse.com/security/cve/CVE-2020-25604.html
       https://bugzilla.suse.com/1172205
       https://bugzilla.suse.com/1173378
       https://bugzilla.suse.com/1173380
       https://bugzilla.suse.com/1175534
       https://bugzilla.suse.com/1176343
       https://bugzilla.suse.com/1176344
       https://bugzilla.suse.com/1176345
       https://bugzilla.suse.com/1176346
       https://bugzilla.suse.com/1176347
       https://bugzilla.suse.com/1176348
       https://bugzilla.suse.com/1176349
       https://bugzilla.suse.com/1176350
    
    _______________________________________________
    sle-security-updates mailing list
    https://lists.suse.com/mailman/listinfo/sle-security-updates
    
