SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:14848-1
Rating:             moderate
References:         #1182654 #1186013 #1186429 #1186433 #1186434 
                    #1187369 #1187376 #1187378 #1189150 #1189376 
                    #1189378 #1189632 #1192526 #1192554 #1192555 
                    #1192559 
Cross-References:   CVE-2021-0089 CVE-2021-20255 CVE-2021-28690
                    CVE-2021-28692 CVE-2021-28697 CVE-2021-28698
                    CVE-2021-28701 CVE-2021-28703 CVE-2021-28705
                    CVE-2021-28706 CVE-2021-28709 CVE-2021-3527
                    CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
                    CVE-2021-3682 CVE-2021-3930
CVSS scores:
                    CVE-2021-0089 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2021-20255 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-20255 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
                    CVE-2021-28697 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28698 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28701 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28703 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-28705 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28706 (NVD) : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28706 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28709 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3527 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3527 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
                    CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
                    CVE-2021-3682 (SUSE): 6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
                    CVE-2021-3930 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Affected Products:
                    SUSE Linux Enterprise Server 11-SP4-LTSS
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that fixes 17 vulnerabilities is now available.

Description:

   This update for xen fixes the following issues:

   - CVE-2021-0089: Fixed Speculative Code Store Bypass (XSA-375)
     (bsc#1186433).
   - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100
     (bsc#1182654).
   - CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after
     S3 (XSA-377) (bsc#1186434).
   - CVE-2021-28692: Fixed inappropriate x86 IOMMU timeout detection /
     handling (XSA-373) (bsc#1186429).
   - CVE-2021-28697: Fixed grant table v2 status pages may remain accessible
     after de-allocation (XSA-379) (bsc#1189376).
   - CVE-2021-28698: Fixed long running loops in grant table handling.
     (XSA-380) (bsc#1189378).
   - CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling
     (XSA-384) (bsc#1189632).
   - CVE-2021-28703: Fixed grant table v2 status pages may remain accessible
     after de-allocation (take two) (XSA-387) (bsc#1192555).
   - CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful
     P2M updates on x86 (XSA-389) (bsc#1192559).
   - CVE-2021-28706: Fixed guests may exceed their designated memory limit
     (XSA-385) (bsc#1192554).
   - CVE-2021-3527: Fixed unbounded stack allocation in usbredir
     (bsc#1186013).
   - CVE-2021-3592: Fixed invalid pointer initialization may lead to
     information disclosure in slirp (bootp) (bsc#1187369).
   - CVE-2021-3594: Fixed invalid pointer initialization may lead to
     information disclosure in slirp (udp) (bsc#1187378).
   - CVE-2021-3595: Fixed invalid pointer initialization may lead to
     information disclosure in slirp (tftp) (bsc#1187376).
   - CVE-2021-3682: Fixed free call on invalid pointer in usbredir bufp_alloc
     (bsc#1189150).
   - CVE-2021-3930: Fixed off-by-one error in mode_sense_page() in
     hw/scsi/scsi-disk.c (bsc#1192526).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4-LTSS:

      zypper in -t patch slessp4-xen-14848=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-xen-14848=1



Package List:

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64):

      xen-kmp-default-4.4.4_50_3.0.101_108.129-61.67.1
      xen-libs-4.4.4_50-61.67.1
      xen-tools-domU-4.4.4_50-61.67.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (x86_64):

      xen-4.4.4_50-61.67.1
      xen-doc-html-4.4.4_50-61.67.1
      xen-libs-32bit-4.4.4_50-61.67.1
      xen-tools-4.4.4_50-61.67.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586):

      xen-kmp-pae-4.4.4_50_3.0.101_108.129-61.67.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

      xen-debuginfo-4.4.4_50-61.67.1
      xen-debugsource-4.4.4_50-61.67.1


References:

   https://www.suse.com/security/cve/CVE-2021-0089.html
   https://www.suse.com/security/cve/CVE-2021-20255.html
   https://www.suse.com/security/cve/CVE-2021-28690.html
   https://www.suse.com/security/cve/CVE-2021-28692.html
   https://www.suse.com/security/cve/CVE-2021-28697.html
   https://www.suse.com/security/cve/CVE-2021-28698.html
   https://www.suse.com/security/cve/CVE-2021-28701.html
   https://www.suse.com/security/cve/CVE-2021-28703.html
   https://www.suse.com/security/cve/CVE-2021-28705.html
   https://www.suse.com/security/cve/CVE-2021-28706.html
   https://www.suse.com/security/cve/CVE-2021-28709.html
   https://www.suse.com/security/cve/CVE-2021-3527.html
   https://www.suse.com/security/cve/CVE-2021-3592.html
   https://www.suse.com/security/cve/CVE-2021-3594.html
   https://www.suse.com/security/cve/CVE-2021-3595.html
   https://www.suse.com/security/cve/CVE-2021-3682.html
   https://www.suse.com/security/cve/CVE-2021-3930.html
   https://bugzilla.suse.com/1182654
   https://bugzilla.suse.com/1186013
   https://bugzilla.suse.com/1186429
   https://bugzilla.suse.com/1186433
   https://bugzilla.suse.com/1186434
   https://bugzilla.suse.com/1187369
   https://bugzilla.suse.com/1187376
   https://bugzilla.suse.com/1187378
   https://bugzilla.suse.com/1189150
   https://bugzilla.suse.com/1189376
   https://bugzilla.suse.com/1189378
   https://bugzilla.suse.com/1189632
   https://bugzilla.suse.com/1192526
   https://bugzilla.suse.com/1192554
   https://bugzilla.suse.com/1192555
   https://bugzilla.suse.com/1192559