openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

high Nessus Plugin ID 119951

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for xen fixes the following issues :

Update to Xen 4.10.2 bug fix release (bsc#1027519).

Security vulnerabilities fixed :

- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service (DoS) affecting the entire host, or may be able to access data it is not supposed to access. (XSA-275) (bsc#1115040)

- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case non-canonical addresses are accessed, which may allow a guest to cause Xen to crash, resulting in a Denial of Service (DoS) affecting the entire host. (XSA-279) (bsc#1115045)

- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which conflicted with shadow paging and allowed a guest to cause Xen to crash, resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)

- CVE-2018-18883: Fixed an issue related to inproper restriction of nested VT-x, which allowed a guest to cause Xen to crash, resulting in a Denial of Service (DoS). (XSA-278) (bsc#1114405)

- CVE-2018-15468: Fixed incorrect MSR_DEBUGCTL handling, which allowed guests to enable Branch Trace Store and may cause a Denial of Service (DoS) of the entire host.
(XSA-269) (bsc#1103276)

- CVE-2018-15469: Fixed use of v2 grant tables on ARM, which were not properly implemented and may cause a Denial of Service (DoS). (XSA-268) (bsc#1103275)

- CVE-2018-15470: Fixed an issue in the logic in oxenstored for handling writes, which allowed a guest to write memory unbounded leading to system-wide Denial of Service (DoS). (XSA-272) (bsc#1103279)

- CVE-2018-3646: Mitigations for VMM aspects of L1 Terminal Fault (XSA-273) (bsc#1091107)

Other bugs fixed :

- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)

- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)

- Fixed a kernel oops related to fs/dcache.c called by d_materialise_unique() (bsc#1094508)

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected xen packages.

Plugin Details

Severity: High

ID: 119951

File Name: openSUSE-2018-1624.nasl

Version: 1.4

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 12/31/2018

Updated: 7/12/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2018-19966

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:xen-debugsource, p-cpe:/a:novell:opensuse:xen-libs-32bit, cpe:/o:novell:opensuse:15.0, p-cpe:/a:novell:opensuse:xen-devel, p-cpe:/a:novell:opensuse:xen-doc-html, p-cpe:/a:novell:opensuse:xen-libs-debuginfo, p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo, p-cpe:/a:novell:opensuse:xen, p-cpe:/a:novell:opensuse:xen-libs, p-cpe:/a:novell:opensuse:xen-tools, p-cpe:/a:novell:opensuse:xen-libs-32bit-debuginfo, p-cpe:/a:novell:opensuse:xen-tools-debuginfo, p-cpe:/a:novell:opensuse:xen-tools-domu

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 12/29/2018

Reference Information

CVE: CVE-2018-15468, CVE-2018-15469, CVE-2018-15470, CVE-2018-18883, CVE-2018-19961, CVE-2018-19962, CVE-2018-19965, CVE-2018-19966, CVE-2018-3646

Detections

Analytics