Security update for xen

SUSE Security Update: Security update for xen
Announcement ID: SUSE-SU-2018:2069-1
Rating: moderate
References: #1027519 #1079730 #1095242 #1096224 #1097521 #1097522 #1098744
Affected Products:
  • SUSE Linux Enterprise Server for SAP 12-SP1
  • SUSE Linux Enterprise Server 12-SP1-LTSS

  • An update that solves 5 vulnerabilities and has two fixes is now available.

    Description:

    This update for xen fixes the following issues:

    Security issues fixed:

    - CVE-2018-12617: Fix integer overflow that causes segmentation fault in
    qmp_guest_file_read() with g_malloc() (bsc#1098744).
    - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).
    - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented
    datagrams (bsc#1096224).
    - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU
    operations that affect the entire host (XSA-264) (bsc#1097521).
    - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check
    (XSA-265) (bsc#1097522).

    Bug fixes:

    - bsc#1079730: Fix failed "write" lock.
    - bsc#1027519: Add upstream patches from January.

    Patch Instructions:

    To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server for SAP 12-SP1:
      zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1406=1
    • SUSE Linux Enterprise Server 12-SP1-LTSS:
      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1406=1

    Package List:

    • SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
      • xen-4.5.5_24-22.52.3
      • xen-debugsource-4.5.5_24-22.52.3
      • xen-doc-html-4.5.5_24-22.52.3
      • xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3
      • xen-kmp-default-debuginfo-4.5.5_24_k3.12.74_60.64.96-22.52.3
      • xen-libs-32bit-4.5.5_24-22.52.3
      • xen-libs-4.5.5_24-22.52.3
      • xen-libs-debuginfo-32bit-4.5.5_24-22.52.3
      • xen-libs-debuginfo-4.5.5_24-22.52.3
      • xen-tools-4.5.5_24-22.52.3
      • xen-tools-debuginfo-4.5.5_24-22.52.3
      • xen-tools-domU-4.5.5_24-22.52.3
      • xen-tools-domU-debuginfo-4.5.5_24-22.52.3
    • SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
      • xen-4.5.5_24-22.52.3
      • xen-debugsource-4.5.5_24-22.52.3
      • xen-doc-html-4.5.5_24-22.52.3
      • xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3
      • xen-kmp-default-debuginfo-4.5.5_24_k3.12.74_60.64.96-22.52.3
      • xen-libs-32bit-4.5.5_24-22.52.3
      • xen-libs-4.5.5_24-22.52.3
      • xen-libs-debuginfo-32bit-4.5.5_24-22.52.3
      • xen-libs-debuginfo-4.5.5_24-22.52.3
      • xen-tools-4.5.5_24-22.52.3
      • xen-tools-debuginfo-4.5.5_24-22.52.3
      • xen-tools-domU-4.5.5_24-22.52.3
      • xen-tools-domU-debuginfo-4.5.5_24-22.52.3

    References: