{"affected":[{"ecosystem_specific":{"binaries":[{"xen":"4.7.6_05-43.45.1","xen-doc-html":"4.7.6_05-43.45.1","xen-libs":"4.7.6_05-43.45.1","xen-libs-32bit":"4.7.6_05-43.45.1","xen-tools":"4.7.6_05-43.45.1","xen-tools-domU":"4.7.6_05-43.45.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.6_05-43.45.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.7.6_05-43.45.1","xen-doc-html":"4.7.6_05-43.45.1","xen-libs":"4.7.6_05-43.45.1","xen-libs-32bit":"4.7.6_05-43.45.1","xen-tools":"4.7.6_05-43.45.1","xen-tools-domU":"4.7.6_05-43.45.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.6_05-43.45.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.7.6_05-43.45.1","xen-doc-html":"4.7.6_05-43.45.1","xen-libs":"4.7.6_05-43.45.1","xen-libs-32bit":"4.7.6_05-43.45.1","xen-tools":"4.7.6_05-43.45.1","xen-tools-domU":"4.7.6_05-43.45.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-LTSS","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.6_05-43.45.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.7.6_05-43.45.1","xen-doc-html":"4.7.6_05-43.45.1","xen-libs":"4.7.6_05-43.45.1","xen-libs-32bit":"4.7.6_05-43.45.1","xen-tools":"4.7.6_05-43.45.1","xen-tools-domU":"4.7.6_05-43.45.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.6_05-43.45.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.7.6_05-43.45.1","xen-doc-html":"4.7.6_05-43.45.1","xen-libs":"4.7.6_05-43.45.1","xen-libs-32bit":"4.7.6_05-43.45.1","xen-tools":"4.7.6_05-43.45.1","xen-tools-domU":"4.7.6_05-43.45.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 4","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Enterprise%20Storage%204"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.7.6_05-43.45.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xen fixes the following issues:\n\nSecurity vulnerabilities fixed:\n\n- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB\n  flushing with AMD IOMMUs, which potentially allowed a guest to escalate its\n  privileges, may cause a Denial of Service (DoS) affecting the entire host, or\n  may be able to access data it is not supposed to access. (XSA-275)\n  (bsc#1115040)\n- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case\n  non-canonical addresses are accessed, which may allow a guest to cause Xen to\n  crash, resulting in a Denial of Service (DoS) affecting the entire host.\n  (XSA-279) (bsc#1115045)\n- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which\n  conflicted with shadow paging and allowed a guest to cause Xen to crash,\n  resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)\n- CVE-2018-19665: Fixed an integer overflow resulting in memory corruption in\n  various Bluetooth functions, allowing this to crash qemu process resulting in\n  Denial of Service (DoS). (bsc#1117756).\n- CVE-2018-18849: Fixed an out of bounds memory access in the LSI53C895A SCSI\n  host bus adapter emulation, which allowed a user and/or process to crash the\n  qemu process resulting in a Denial of Service (DoS). (bsc#1114423)\n\nOther bugs fixed:\n\n- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)\n- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)\n- Fixed an issue with live migrations, which used to fail when spectre is\n  enabled on xen boot cmdline (bsc#1116380)\n- Upstream bug fixes (bsc#1027519)\n","id":"SUSE-SU-2019:0020-1","modified":"2019-01-04T13:46:39Z","published":"2019-01-04T13:46:39Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190020-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027519"},{"type":"REPORT","url":"https://bugzilla.suse.com/1105528"},{"type":"REPORT","url":"https://bugzilla.suse.com/1108940"},{"type":"REPORT","url":"https://bugzilla.suse.com/1114423"},{"type":"REPORT","url":"https://bugzilla.suse.com/1115040"},{"type":"REPORT","url":"https://bugzilla.suse.com/1115045"},{"type":"REPORT","url":"https://bugzilla.suse.com/1115047"},{"type":"REPORT","url":"https://bugzilla.suse.com/1116380"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117756"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18849"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19665"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19961"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19965"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19966"}],"related":["CVE-2018-18849","CVE-2018-19665","CVE-2018-19961","CVE-2018-19962","CVE-2018-19965","CVE-2018-19966"],"summary":"Security update for xen","upstream":["CVE-2018-18849","CVE-2018-19665","CVE-2018-19961","CVE-2018-19962","CVE-2018-19965","CVE-2018-19966"]}