SUSE SLES12 Security Update : xen (SUSE-SU-2020:0334-1)

This update for xen fixes the following issues : CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host bsc1161181. CVE-2019-19579: Device quarantine for alternate pci assignment methods bsc1157888. CVE-2019-19581: findnextbit issues bsc1158003...

Linear pagetable use / entry miscounts

ISSUE DESCRIPTION "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level i.e., L...

Xen Project Preemtible Linear Pagetable Denial of Service Vulnerability (XSA-290)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Only x86 systems are affected. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware...

missing preemption in x86 PV page table unvalidation

ISSUE DESCRIPTION XSA-273 changes required, among other things, making any PTE updates restartable. The changes making PTE updates restartable assumed that L2 pagetables would always be promoted preemptibly; but this turns out not to be the case when using the 'linear pagetable' feature; the resu...