File _patchinfo of Package patchinfo.8484

<patchinfo incident="8484">
  <issue tracker="bnc" id="1097521">VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264)</issue>
  <issue tracker="bnc" id="1097523">VUL-0: CVE-2018-12892: xen: libxl fails to honour readonly flag on HVM emulated SCSI disks (XSA-266)</issue>
  <issue tracker="bnc" id="1097522">VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265)</issue>
  <issue tracker="bnc" id="1096224">VUL-0: CVE-2018-11806: xen: slirp: heap buffer overflow while reassembling fragmented datagrams</issue>
  <issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
  <issue tracker="bnc" id="1087289">Xen BUG at sched_credit.c:1663</issue>
  <issue tracker="bnc" id="1095242">VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267)</issue>
  <issue tracker="cve" id="2018-3665"/>
  <issue tracker="cve" id="2018-11806"/>
  <issue tracker="cve" id="2018-12891"/>
  <issue tracker="cve" id="2018-12892"/>
  <issue tracker="cve" id="2018-12893"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>charlesa</packager>
  <description>This update for xen fixes the following issues:

Security issues fixed:

- CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).
- CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521).
- CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emulated SCSI disks (XSA-266) (bsc#1097523).
- CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522).
- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).

Bug fixes:

- bsc#1027519: Add upstream patches from January.
- bsc#1087289: Fix xen scheduler crash.

This update was imported from the SUSE:SLE-12-SP3:Update update project.</description>
  <summary>Security update for xen</summary>
</patchinfo>