Overview

File _patchinfo of Package patchinfo.8425

<patchinfo incident="8425">
  <issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
  <issue tracker="bnc" id="1101684">L3: SLES11 SP4 xen not able to disable the visibility of the new CPU flags</issue>
  <issue tracker="bnc" id="1091107">VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM (XSA-273)</issue>
  <issue tracker="bnc" id="1102116">SSBD is not virtualized for guests</issue>
  <issue tracker="cve" id="2018-3646"/>
  <category>security</category>
  <rating>important</rating>
  <packager>charlesa</packager>
  <description>This update for xen fixes the following issues:

This security issue was fixed:

- CVE-2018-3646: Systems with microprocessors utilizing speculative execution
  and address translations may have allowed unauthorized disclosure of
  information residing in the L1 data cache to an attacker with local user access
  with guest OS privilege via a terminal page fault and a side-channel analysis
  (bsc#1091107, bsc#1027519).

These non-security issue were fixed:

- bsc#1102116: SSBD is not virtualized for guests
- bsc#1101684: Not able to disable the visibility of the new CPU flags
</description>
  <summary>Security update for xen</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places