openSUSE-SU-2020:0818-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0818-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0818-1
- Related
- Published
- 2020-06-14T16:26:57Z
- Modified
- 2020-06-14T16:26:57Z
- Summary
- Security update for xen
- Details
-
This update for xen to version 4.12.3 fixes the following issues:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1172205).
- Added support for new 64bit libxl memory API (bsc#1167007 and bsc#1157490).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GRJJ64XQBFNSNFR6IVUVZQQYKIPTZY7K/
- https://bugzilla.suse.com/1027519
- https://bugzilla.suse.com/1157490
- https://bugzilla.suse.com/1167007
- https://bugzilla.suse.com/1172205
- https://www.suse.com/security/cve/CVE-2020-0543
Affected packages
openSUSE:Leap 15.1 / xen
Package
- Name
- xen
- Purl
- purl:rpm/suse/xen&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.12.3_02-lp151.2.18.2
Ecosystem specific
{
"binaries": [
{
"xen-tools-domU": "4.12.3_02-lp151.2.18.2",
"xen-libs": "4.12.3_02-lp151.2.18.2",
"xen-doc-html": "4.12.3_02-lp151.2.18.2",
"xen-libs-32bit": "4.12.3_02-lp151.2.18.2",
"xen-tools": "4.12.3_02-lp151.2.18.2",
"xen-devel": "4.12.3_02-lp151.2.18.2",
"xen": "4.12.3_02-lp151.2.18.2"
}
]
}