
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 8 MGASA-2022-0242 Critical Kernel Data Leak Issues

MGASA-2022-0242 - Updated kernel packages fix security vulnerabilities

Publication date: 29 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0242.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166

This kernel update is based on upstream 5.15.50 and fixes at least the following security issues:

Incomplete cleanup of multi-core shared buffers for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21123).

Incomplete cleanup of microarchitectural fill buffers on some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21125).

Incomplete cleanup in specific special register read operations for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21127, CVE-2022-21166).

For other upstream fixes, see the referenced changelogs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=30563
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.47
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.48
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.49
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.50
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
- https://www.cve.org/CVERecord?id=CVE-2022-21123
- https://www.cve.org/CVERecord?id=CVE-2022-21125
- https://www.cve.org/CVERecord?id=CVE-2022-21127
- https://www.cve.org/CVERecord?id=CVE-2022-21166

SRPMS:
- 8/core/kernel-5.15.50-1.mga8
- 8/core/kmod-virtualbox-6.1.34-1.20.mga8
- 8/core/kmod-xtables-addons-3.20-1.20.mga8

The kernel refresh MGASA-2022-0242 tackles several vulnerabilities, enhancing protection against potential data exposures from local entry.

Mageia Kernel Update, Information Disclosure Fixes, Security Patches.

Severity: Critical.

LinuxSecurity.com Team

Jun 29, 2022 | Critical | Mageia

Fedora 29: Vital Security Update FEDORA-2019-1f5832fc0e Regarding MDS

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-1f5832fc0e
2019-05-30 17:27:02.839897
--------------------------------------------------------------------------------

Name        : xen
Product     : Fedora 29
Version     : 4.11.1
Release     : 5.fc29
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091]
additional patches so above applies cleanly
work around grub2 issues in dom0

--------------------------------------------------------------------------------
ChangeLog:

* Tue May 14 2019 Michael Young - 4.11.1-5
- Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091]
- additional patches so above applies cleanly
- work around grub2 issues in dom0
* Tue Mar 5 2019 Michael Young - 4.11.1-4
- xen: various flaws (#1685577)
  grant table transfer issues on large hosts [XSA-284]
  race with pass-through device hotplug [XSA-285]
  x86: steal_page violates page_struct access discipline [XSA-287]
  x86: Inconsistent PV IOMMU discipline [XSA-288]
  missing preemption in x86 PV page table unvalidation [XSA-290]
  x86/PV: page type reference counting issue with failed IOMMU update [XSA-291]
  x86: insufficient TLB flushing when using PCID [XSA-292]
  x86: PV kernel context switch corruption [XSA-293]
  x86 shadow: Insufficient TLB flushing when using PCID [XSA-294]
* Thu Feb 14 2019 Michael Young - 4.11.1-3
- add gcc9 build fixes (#1676229)
* Sun Feb 3 2019 Fedora Release Engineering - 4.11.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Dec 11 2018 Michael Young - 4.11.1-1
- update to 4.11.1
  remove patches for issues now fixed upstream
  adjust xen.use.fedora.ipxe.patch
- only include qemutrad build requirements for platforms that use it
- construct ovmf.bin from edk2-ovmf package (#1656651)
* Tue Nov 20 2018 Michael Young - 4.11.0-10
- insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665)
- x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970)
- xen: various flaws (#1652251)
  resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963]
  x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964]
  Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966]
* Tue Nov 6 2018 Michael Young - 4.11.0-9
- guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967]
* Wed Oct 24 2018 Michael Young - 4.11.0-8
- x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883] (#1643118)

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-1f5832fc0e'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

A recent Xen update for Fedora 29 resolves vulnerabilities related to speculative execution through targeted patches that bolster security measures.

Fedora Xen Update, Microarchitectural Security, Speculative Side Channel.

Severity: Important.

LinuxSecurity.com Team

May 30, 2019 | Important | Fedora

SUSE: 2019:14063-1 Important: Xen Info Leak And Heap Overflow

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: SUSE-SU-2019:14063-1
Rating: important
References: #1027519 #1111331 #1130680
Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2019-11091
Affected Products:
  SUSE Linux Enterprise Server 11-SP4-LTSS
  SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This update for xen fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates.

The mitigation can be controlled via the "mds" commandline option, see the documentation.

For more information on this set of vulnerabilities, check out https://support.scc.suse.com/s/kb?language=en_US

Other fixes:

- CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680).
- Added upstream bug fix (bsc#1027519).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP4-LTSS:
  zypper in -t patch slessp4-xen-14063=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
  zypper in -t patch dbgsp4-xen-14063=1

Package List:

- SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64):
  xen-kmp-default-4.4.4_40_3.0.101_108.90-61.46.2
  xen-libs-4.4.4_40-61.46.2
  xen-tools-domU-4.4.4_40-61.46.2
- SUSE Linux Enterprise Server 11-SP4-LTSS (x86_64):
  xen-4.4.4_40-61.46.2
  xen-doc-html-4.4.4_40-61.46.2
  xen-libs-32bit-4.4.4_40-61.46.2
  xen-tools-4.4.4_40-61.46.2
- SUSE Linux Enterprise Server 11-SP4-LTSS (i586):
  xen-kmp-pae-4.4.4_40_3.0.101_108.90-61.46.2
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
  xen-debuginfo-4.4.4_40-61.46.2
  xen-debugsource-4.4.4_40-61.46.2

References:

  https://www.suse.com/security/cve/CVE-2018-12126.html
  https://www.suse.com/security/cve/CVE-2018-12127.html
  https://www.suse.com/security/cve/CVE-2018-12130.html
  https://www.suse.com/security/cve/CVE-2018-20815.html
  https://www.suse.com/security/cve/CVE-2019-11091.html
  https://bugzilla.suse.com/1027519
  https://bugzilla.suse.com/1111331
  https://bugzilla.suse.com/1130680

SUSE has released a security update regarding vulnerabilities in xen, addressing critical issues for users of SUSE Linux Enterprise Server.

SUSE Security Update, XEN Hypervisor, Security Fixes.

Severity: Important.

LinuxSecurity.com Team

May 24, 2019 | Important | SuSE

Ubuntu 19.04: USN-3977-2 Moderate: Intel Microcode Information Exposure

==========================================================================
Ubuntu Security Notice USN-3977-2
May 22, 2019

intel-microcode update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM

Summary:

The system could be made to expose sensitive information.

Software Description:
- intel-microcode: Processor microcode for Intel CPUs

Details:

USN-3977-1 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families.

Original advisory details:

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)

Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodymyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04:
  intel-microcode 3.20190514.0ubuntu0.19.04.3

Ubuntu 18.10:
  intel-microcode 3.20190514.0ubuntu0.18.10.2

Ubuntu 18.04 LTS:
  intel-microcode 3.20190514.0ubuntu0.18.04.3

Ubuntu 16.04 LTS:
  intel-microcode 3.20190514.0ubuntu0.16.04.2

Ubuntu 14.04 ESM:
  intel-microcode 3.20190514.0ubuntu0.14.04.2

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3977-2
  https://ubuntu.com/security/notices/USN-3977-1
  CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091,
  https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS

Package Information:
  https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.19.04.3
  https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.18.10.2
  https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.18.04.3
  https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.16.04.2

A microcode revision from Intel for Ubuntu tackles vulnerabilities revealing confidential information. Discover the details of the remedy here.

Intel Microcode Update, Ubuntu Security Notice, Sensitive Information Exposure, Linux Security Advisory, Microarchitectural Attacks.

LinuxSecurity.com Team

May 22, 2019 | Ubuntu

Mageia 6: 2019-0179 Critical: VirtualBox MDS Attack Mitigation

MGASA-2019-0179 - Updated virtualbox packages fix security vulnerabilities

Publication date: 18 May 2019
URL: https://advisories.mageia.org/MGASA-2019-0179.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

This update provides Virtualbox 6.0.8 that fixes the Microarchitectural Data Sampling (MDS, also called ZombieLoad attack) vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU.

The fixed / mitigated issues are:

Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)

Microprocessors use a 'load port' subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU's pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091)

For other fixes in this update, see the referenced changelog.

References:
- https://bugs.mageia.org/show_bug.cgi?id=24831
- https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
- https://www.cve.org/CVERecord?id=CVE-2018-12126
- https://www.cve.org/CVERecord?id=CVE-2018-12127
- https://www.cve.org/CVERecord?id=CVE-2018-12130
- https://www.cve.org/CVERecord?id=CVE-2019-11091

SRPMS:
- 6/core/virtualbox-6.0.8-1.mga6
- 6/core/kmod-vboxadditions-6.0.8-1.mga6
- 6/core/kmod-virtualbox-6.0.8-1.mga6

The update for VirtualBox version 6.0.8 tackles MDS vulnerabilities, safeguarding Intel processors against potential data breaches.

Virtualbox Security, Mageia Vulnerability Fixes, CPU Data Protection.

Severity: Critical.

LinuxSecurity.com Team

May 18, 2019 | Critical | Mageia

Fedora 30: FEDORA-2019-6458474bf2 Moderate: Microarchitectural Enhancements

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-6458474bf2
2019-05-18 01:01:14.943218
--------------------------------------------------------------------------------

Name        : xen
Product     : Fedora 30
Version     : 4.11.1
Release     : 5.fc30
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091]
additional patches so above applies cleanly
work around grub2 issues in dom0

--------------------------------------------------------------------------------
ChangeLog:

* Tue May 14 2019 Michael Young - 4.11.1-5
- Microarchitectural Data Sampling speculative side channel [XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091]
- additional patches so above applies cleanly
- work around grub2 issues in dom0

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-6458474bf2'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Kernel enhancements in Fedora 30 tackle vulnerabilities linked to Spectre and Meltdown, bolstering operational integrity and safeguarding user data.

Microarchitectural Data Sampling, Xen Hypervisor, Security Updates.

LinuxSecurity.com Team

May 17, 2019 | Fedora

Debian 8: DLA-1787-1 Critical: linux-4.9 Intel Data Exposure

Package    : linux-4.9
Version    : 4.9.168-1+deb9u2~deb8u1
CVE ID     : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091
Debian Bug : 928125

Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to read sensitive information, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.

See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.

To fully resolve these vulnerabilities it is also necessary to install updated CPU microcode. An updated intel-microcode package (only available in Debian non-free) will be provided via a separate DLA. The updated CPU microcode may also be available as part of a system firmware ("BIOS") update.

In addition, this update includes a fix for a regression causing deadlocks inside the loopback driver, which was introduced by the update to 4.9.168 in the last security update.

For Debian 8 "Jessie", these problems have been fixed in version 4.9.168-1+deb9u2~deb8u1.

We recommend that you upgrade your linux-4.9 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

--
Ben Hutchings - Debian developer, member of kernel, installer and LTS teams

Debian LTS enhances linux-4.9 to mitigate Intel's data leakage vulnerabilities and various associated concerns.

Debian LTS, linux-4.9, intel flaw, security update, data exposure.

Severity: Critical.

LinuxSecurity.com Team

May 15, 2019 | Critical | Debian LTS

SUSE: 2019:1248-1 Important: Xen Information Leak Mitigations

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: SUSE-SU-2019:1248-1
Rating: important
References: #1027519 #1079730 #1098403 #1111025 #1111331 #1120067 #1120095
Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091
Affected Products:
  SUSE Linux Enterprise Module for Server Applications 15
  SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

An update that solves four vulnerabilities and has three fixes is now available.

Description:

This update for xen fixes the following issues:

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates.

The mitigation can be controlled via the "mds" commandline option, see the documentation.

For more information on this set of vulnerabilities, check out https://support.scc.suse.com/s/kb?language=en_US

Other fixes:

- Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime. The included README has details about the impact of this change (bsc#1120095)
- Fixes in Live migrating PV domUs. An earlier change broke live migration of PV domUs without a device model. The migration would stall for 10 seconds while the domU was paused, which caused network connections to drop. Fix this by tracking the need for a device model within libxl. (bsc#1079730, bsc#1098403, bsc#1111025)
- Libvirt segfault when crash triggered on top of HVM guest (bsc#1120067)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15:
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-1248=1
- SUSE Linux Enterprise Module for Basesystem 15:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1248=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15 (x86_64):
  xen-4.10.3_04-3.19.1
  xen-debugsource-4.10.3_04-3.19.1
  xen-devel-4.10.3_04-3.19.1
  xen-tools-4.10.3_04-3.19.1
  xen-tools-debuginfo-4.10.3_04-3.19.1
- SUSE Linux Enterprise Module for Basesystem 15 (x86_64):
  xen-debugsource-4.10.3_04-3.19.1
  xen-libs-4.10.3_04-3.19.1
  xen-libs-debuginfo-4.10.3_04-3.19.1
  xen-tools-domU-4.10.3_04-3.19.1
  xen-tools-domU-debuginfo-4.10.3_04-3.19.1

References:

  https://www.suse.com/security/cve/CVE-2018-12126.html
  https://www.suse.com/security/cve/CVE-2018-12127.html
  https://www.suse.com/security/cve/CVE-2018-12130.html
  https://www.suse.com/security/cve/CVE-2019-11091.html
  https://bugzilla.suse.com/1027519
  https://bugzilla.suse.com/1079730
  https://bugzilla.suse.com/1098403
  https://bugzilla.suse.com/1111025
  https://bugzilla.suse.com/1111331
  https://bugzilla.suse.com/1120067
  https://bugzilla.suse.com/1120095

Tackling significant vulnerabilities in the SUSE xen framework with vital patches and security enhancements aimed at preventing data breaches.

SUSE Xen Update, Important Security Fixes, Speculative Execution Mitigation.

Severity: Important.

LinuxSecurity.com Team

May 14, 2019 | Important | SuSE