Explore top 10 tips to secure your open-source projects now. Read More
×
This update for xen fixes the following issues: - CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 (bsc#1181254, XSA-360) - CVE-2021-28687: HVM soft-reset crashes toolstack (bsc#1183072, XSA-368) - L3: conring size for XEN HV's with huge memory to small. Inital Xen logs cut (bsc#1177204) - L3: XEN domU crashed on resume when using the xl unpause command (bsc#1182576) - L3: xen: no needsreboot flag set (bsc#1180690) - kdump of HVM fails, soft-reset not handled by libxl (bsc#1179148) - openQA job causes libvirtd to dump core when running kdump inside domain (bsc#1181989) - Upstream bug fixes (bsc#1027519) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
#1027519 #1177204 #1179148 #1180690 #1181254
#1181989 #1182576 #1183072
Cross- CVE-2021-28687 CVE-2021-3308
CVSS scores:
CVE-2021-3308 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3308 (SUSE): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected Products:
SUSE MicroOS 5.0
SUSE Linux Enterprise Module for Server Applications 15-SP2
SUSE Linux Enterprise Module for Basesystem 15-SP2
https://www.suse.com/security/cve/CVE-2021-28687.html
https://www.suse.com/security/cve/CVE-2021-3308.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1177204
https://bugzilla.suse.com/1179148
https://bugzilla.suse.com/1180690
https://bugzilla.suse.com/1181254
https://bugzilla.suse.com/1181989
Get the latest Linux and open source security news straight to your inbox.