Security update for xen
This update for xen to version 4.10.1 fixes several issues (bsc#1027519).
These security issues were fixed:
- CVE-2018-3639: Prevent attackers with local user access from extracting
information via a side-channel analysis, aka Speculative Store Bypass (SSB),
Variant 4 (bsc#1092631).
- CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations
(bsc#1074562).
This non-security issue was fixed:
- Always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
-
Submitted by
Johannes Segitz (jsegitz)
Fixed bugs
bnc#1027519
Xen: Missing upstream bug fixes
bnc#1074562
VUL-0: xen: Information leak via side effects of speculative execution (XSA-254)
bnc#1079730
[migration][xen] xen be: qdisk-51712: error: Failed to get "write" lock
bnc#1092631
VUL-0: CVE-2018-3639: xen: V4 – Speculative Store Bypass aka "Memory Disambiguation" (XSA-263)
