SUSE-SU-2018:4070-1 -- SLES xenID: oval:org.secpod.oval:def:89002355 | Date: (C)2021-02-26 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin . - CVE-2018-18883: Fixed a NULL pointer dereference that could have been triggered by nested VT-x that where not properly restricted . - CVE-2018-19965: Fixed denial of service issue from attempting to use INVPCID with a non-canonical addresses . - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging . - CVE-2018-19961 CVE-2018-19962: Fixed insufficient TLB flushing / improper large page mappings with AMD IOMMUs . Non-security issues fixed: - Added upstream bug fixes . - Fixed XEN SLE12-SP1 domU hang on SLE12-SP3 HV .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |