Overview

File _patchinfo of Package patchinfo.13982

<patchinfo incident="13982">
  <issue tracker="bnc" id="1155945">EMU: VUL-0: CVE-2018-12207: xen: Machine Check Error Avoidance on Page Size Change (aka IFU issue) (XSA-304)</issue>
  <issue tracker="bnc" id="1152497">VUL-0: CVE-2019-11135: xen:  TSX Asynchronous Abort (TAA) issue (XSA-305)</issue>
  <issue tracker="bnc" id="1157888">VUL-0: CVE-2019-19579: xen: XSA-306 Device quarantine for alternate pci assignment methods</issue>
  <issue tracker="bnc" id="1158004">VUL-0: CVE-2019-19583: xen: XSA-308 - VMX: VMentry failure with debug exceptions and blocked states</issue>
  <issue tracker="bnc" id="1158007">VUL-0: CVE-2019-19577: xen: XSA-311 - dynamic height for the IOMMU pagetables</issue>
  <issue tracker="bnc" id="1154461">VUL-0: CVE-2019-18424: xen: XSA-302 v5: passed through PCI devices may corrupt host memory after deassignment</issue>
  <issue tracker="bnc" id="1158003">VUL-0: CVE-2019-19581,CVE-2019-19582: xen: XSA-307 v3 - find_next_bit() issues</issue>
  <issue tracker="bnc" id="1158006">VUL-0: CVE-2019-19580: xen: XSA-310 - Further issues with restartable PV type change operations</issue>
  <issue tracker="bnc" id="1154448">VUL-0: CVE-2019-18420: xen: XSA-296 v4:  VCPUOP_initialise DoS</issue>
  <issue tracker="bnc" id="1158005">VUL-0: CVE-2019-19578: xen: XSA-309 - Linear pagetable use / entry miscounts</issue>
  <issue tracker="bnc" id="1154458">VUL-0: CVE-2019-18421: xen: XSA-299 v4: Issues with restartable PV type change operations</issue>
  <issue tracker="bnc" id="1161181">VUL-0: CVE-2020-7211: xen: potential directory traversal using relative paths via tftp server on Windows host</issue>
  <issue tracker="bnc" id="1154456">VUL-0: CVE-2019-18425: xen: XSA-298 v3: missing descriptor table limit checking in x86 PV emulation</issue>
  <issue tracker="cve" id="2019-19580"/>
  <issue tracker="cve" id="2019-18420"/>
  <issue tracker="cve" id="2019-19583"/>
  <issue tracker="cve" id="2019-19578"/>
  <issue tracker="cve" id="2019-18421"/>
  <issue tracker="cve" id="2020-7211"/>
  <issue tracker="cve" id="2019-19577"/>
  <issue tracker="cve" id="2019-19581"/>
  <issue tracker="cve" id="2019-18424"/>
  <issue tracker="cve" id="2018-12207"/>
  <issue tracker="cve" id="2019-11135"/>
  <issue tracker="cve" id="2019-18425"/>
  <issue tracker="cve" id="2019-19579"/>
  <packager>charlesa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for xen</summary>
  <description>This update for xen fixes the following issues:

- CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host (bsc#1161181).
- CVE-2019-19579: Device quarantine for alternate pci assignment methods (bsc#1157888).
- CVE-2019-19581: find_next_bit() issues (bsc#1158003).
- CVE-2019-19583: VMentry failure with debug exceptions and blocked states (bsc#1158004).
- CVE-2019-19578: Linear pagetable use / entry miscounts (bsc#1158005).
- CVE-2019-19580: Further issues with restartable PV type change operations (bsc#1158006).
- CVE-2019-19577: dynamic height for the IOMMU pagetables (bsc#1158007).
- CVE-2019-18420: VCPUOP_initialise DoS (bsc#1154448).
- CVE-2019-18425: missing descriptor table limit checking in x86 PV emulation (bsc#1154456).
- CVE-2019-18421: Issues with restartable PV type change operations (bsc#1154458).
- CVE-2019-18424: passed through PCI devices may corrupt host memory after deassignment (bsc#1154461).
- CVE-2018-12207: Machine Check Error Avoidance on Page Size Change (aka IFU issue) (bsc#1155945).
- CVE-2019-11135: TSX Asynchronous Abort (TAA) issue (bsc#1152497).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places