SUSE-SU-2019:3338-1 -- SLES xenID: oval:org.secpod.oval:def:89050610 | Date: (C)2023-10-16 (M)2023-10-15 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm . - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 . - CVE-2019-19583: Fixed improper checks which could have allowed HVM/PVH guest userspace code to crash the guest,leading to a guest denial of service . - CVE-2019-19578: Fixed an issue where a malicious or buggy PV guest could have caused hypervisor crash resulting in denial of service affecting the entire host . - CVE-2019-19580: Fixed a privilege escalation where a malicious PV guest administrator could have been able to escalate their privilege to that of the host . - CVE-2019-19577: Fixed an issue where a malicious guest administrator could have caused Xen to access data structures while they are being modified leading to a crash . - CVE-2019-19579: Fixed a privilege escaltion where an untrusted domain with access to a physical device can DMA into host memory . - Fixed an issue where PCI passthrough failed on AMD machine xen host .
Platform: |
SUSE Linux Enterprise Desktop 15 SP1 |
SUSE Linux Enterprise Server 15 SP1 |