SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:0909-1) (Meltdown) (Spectre)

This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release bsc1027519 Security issues fixed : - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing XSA-252 bsc1080635 - CVE-2018-7541: A grant table v2 - v1 transition may crash Xen XSA-255 bsc1080662 ...

SUSE-SU-2018:0909-1 Security update for xen

This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release bsc1027519 Security issues fixed: - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing XSA-252 bsc1080635 - CVE-2018-7541: A grant table v2 - v1 transition may crash Xen XSA-255 bsc1080662 -...

openSUSE Security Update : qemu (openSUSE-2018-8) (Spectre)

This update for qemu fixes the following issues : A new feature was added : - Support EPYC vCPU type bsc1052825 fate324038 Also a mitigation for a security problem has been applied : - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to...

ALPINE-CVE-2018-5244

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service host OS memory consumption by rebooting many...

Security update for qemu (important)

This update for qemu fixes the following issues: A new feature was added: - Support EPYC vCPU type bsc1052825 fate324038 Also a mitigation for a security problem has been applied: - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to...

x86: memory leak with MSR emulation

ISSUE DESCRIPTION In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. IMPACT A memory allocation of 8 bytes is leaked each time a vcpu is destroyed. A malicious...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2018:0007-1) (Spectre)

This update for qemu fixes the following issues: A new feature was added : - Support EPYC vCPU type bsc1052825 fate324038 Also a mitigation for a security problem has been applied : - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to...

SUSE-SU-2018:0007-1 Security update for qemu

This update for qemu fixes the following issues: A new feature was added: - Support EPYC vCPU type bsc1052825 fate324038 Also a mitigation for a security problem has been applied: - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to...

How to Update MCS created Machine Catalog to modify vCPU, RAM.

Due to performance issues the vCPU,RAM need to be increased. This can be done by power shell...

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225. Mitigation On systems where the guest kernel is controlled by the host rather than guest administrator, running only kernels...

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...

CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

Design/Logic Flaw

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...

UBUNTU-CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

DEBIAN-CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...