Security update for xen SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:2192-1 Final 1 1 2020-12-07T11:06:08Z current 2020-12-07T11:06:08Z 2020-12-07T11:06:08Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: - bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change (XSA-355) This update was imported from the SUSE:SLE-15-SP1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-2192 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ E-Mail link for openSUSE-SU-2020:2192-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1177409 SUSE Bug 1177409 https://bugzilla.suse.com/1177412 SUSE Bug 1177412 https://bugzilla.suse.com/1177413 SUSE Bug 1177413 https://bugzilla.suse.com/1177414 SUSE Bug 1177414 https://bugzilla.suse.com/1178591 SUSE Bug 1178591 https://bugzilla.suse.com/1178963 SUSE Bug 1178963 https://www.suse.com/security/cve/CVE-2020-27670/ SUSE CVE CVE-2020-27670 page https://www.suse.com/security/cve/CVE-2020-27671/ SUSE CVE CVE-2020-27671 page https://www.suse.com/security/cve/CVE-2020-27672/ SUSE CVE CVE-2020-27672 page https://www.suse.com/security/cve/CVE-2020-27674/ SUSE CVE CVE-2020-27674 page https://www.suse.com/security/cve/CVE-2020-28368/ SUSE CVE CVE-2020-28368 page openSUSE Leap 15.1 xen-4.12.4_04-lp151.2.33.1 xen-devel-4.12.4_04-lp151.2.33.1 xen-doc-html-4.12.4_04-lp151.2.33.1 xen-libs-4.12.4_04-lp151.2.33.1 xen-libs-32bit-4.12.4_04-lp151.2.33.1 xen-tools-4.12.4_04-lp151.2.33.1 xen-tools-domU-4.12.4_04-lp151.2.33.1 xen-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-devel-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-doc-html-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-libs-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-libs-32bit-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-tools-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 xen-tools-domU-4.12.4_04-lp151.2.33.1 as a component of openSUSE Leap 15.1 An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. CVE-2020-27670 openSUSE Leap 15.1:xen-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-devel-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-doc-html-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-32bit-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-domU-4.12.4_04-lp151.2.33.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ https://www.suse.com/security/cve/CVE-2020-27670.html CVE-2020-27670 https://bugzilla.suse.com/1177414 SUSE Bug 1177414 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1183925 SUSE Bug 1183925 An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. CVE-2020-27671 openSUSE Leap 15.1:xen-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-devel-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-doc-html-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-32bit-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-domU-4.12.4_04-lp151.2.33.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ https://www.suse.com/security/cve/CVE-2020-27671.html CVE-2020-27671 https://bugzilla.suse.com/1177413 SUSE Bug 1177413 https://bugzilla.suse.com/1183925 SUSE Bug 1183925 An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. CVE-2020-27672 openSUSE Leap 15.1:xen-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-devel-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-doc-html-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-32bit-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-domU-4.12.4_04-lp151.2.33.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ https://www.suse.com/security/cve/CVE-2020-27672.html CVE-2020-27672 https://bugzilla.suse.com/1177412 SUSE Bug 1177412 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1183925 SUSE Bug 1183925 An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique. CVE-2020-27674 openSUSE Leap 15.1:xen-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-devel-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-doc-html-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-32bit-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-domU-4.12.4_04-lp151.2.33.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ https://www.suse.com/security/cve/CVE-2020-27674.html CVE-2020-27674 https://bugzilla.suse.com/1177409 SUSE Bug 1177409 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen. CVE-2020-28368 openSUSE Leap 15.1:xen-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-devel-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-doc-html-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-32bit-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-libs-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-4.12.4_04-lp151.2.33.1 openSUSE Leap 15.1:xen-tools-domU-4.12.4_04-lp151.2.33.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5GBNU2YMLJN6R7ACNKZML4MG7X35FZTY/ https://www.suse.com/security/cve/CVE-2020-28368.html CVE-2020-28368 https://bugzilla.suse.com/1178591 SUSE Bug 1178591 https://bugzilla.suse.com/1178658 SUSE Bug 1178658