SUSE-SU-2019:1348-1 Security update for xen

This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

SUSE-SU-2019:14063-1 Security update for xen

This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

Linux kernel code issue vulnerability (CNVD-2019-39687)

Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the United States. freescale hypervisor manager is one of the freescale virtual machine managers. A code issue vulnerability exists in the implementation of freescale hypervisor manager i...

Xen Project Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (XSA-297)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory reads and...

CVE-2019-10142

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the syste...

UBUNTU-CVE-2019-10142

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the syste...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1407) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The openSUSE Leap 42.3 kernel was updated to 4.4.179 to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127:...

openSUSE: Security Advisory for xen (openSUSE-SU-2019:1419-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1407-1 Rating: important References: 1012382 1020645 1020989 1031492 1047487 1051510 1053043 1062056 1063638 1064388 1066223 1070872 1085539 1087092 1094244 1096480 1096728 1097104 1100132 1103186...

Fedora Update for xen FEDORA-2019-6458474bf2

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: xen-4.11.1-5.fc30

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

openSUSE Security Update : xen (openSUSE-2019-1403) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

openSUSE: Security Advisory for xen (openSUSE-SU-2019:1403-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1403-1 Security update for xen

This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

Updated kernel-tmb packages fixes security vulnerabilities

This kernel update provides the upstream 4.14.119 that adds the kernel side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. To complete the mitigatio...

Use-After-Free

Linux kernel is vulnerable to use-after-free attacks. This is because the way the Linux kernel's KVM hypervisor implements its device control API While creating a device via kvmioctlcreatedevice. An attacker could use this flaw to crash the guest VM resulting in a denial of service issue or...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2019:1403-1 Rating: important References: 1027519 1079730 1098403 1111025 1111331 1120067 1120095 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 15.0 An...

Ubuntu 19.04 : Linux kernel vulnerabilities (USN-3979-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

VMSA-2019-0008 : MDS Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

a. Hypervisor Specific and Hypervisor-Assisted Guest Mitigations for MDS vulnerabilities vCenter Server, ESXi, Workstation, and Fusion updates support Hypervisor-Specific and Hypervisor-Assisted Guest Mitigations for MDS speculative execution vulnerabilities. These updates expose new CPU control...

USN-3980-2: Linux kernel (HWE) vulnerabilities

USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andre...