csaf_suse - suse-su-2018:2059-1

suse-su-2018:2059-1

Vulnerability from csaf_suse

Published

2018-07-25 09:01

Modified

2018-07-25 09:01

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emulated SCSI disks (XSA-266) (bsc#1097523). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224). Bug fixes: - bsc#1027519: Add upstream patches from January. - bsc#1087289: Fix xen scheduler crash.

Patchnames

SUSE-SLE-DESKTOP-12-SP3-2018-1388,SUSE-SLE-SDK-12-SP3-2018-1388,SUSE-SLE-SERVER-12-SP3-2018-1388

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).\n- CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521).\n- CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emulated SCSI disks (XSA-266) (bsc#1097523).\n- CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522).\n- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).\n\nBug fixes:\n\n- bsc#1027519: Add upstream patches from January.\n- bsc#1087289: Fix xen scheduler crash.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-DESKTOP-12-SP3-2018-1388,SUSE-SLE-SDK-12-SP3-2018-1388,SUSE-SLE-SERVER-12-SP3-2018-1388",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2059-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:2059-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182059-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:2059-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004308.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027519",
        "url": "https://bugzilla.suse.com/1027519"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1087289",
        "url": "https://bugzilla.suse.com/1087289"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1095242",
        "url": "https://bugzilla.suse.com/1095242"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1096224",
        "url": "https://bugzilla.suse.com/1096224"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097521",
        "url": "https://bugzilla.suse.com/1097521"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097522",
        "url": "https://bugzilla.suse.com/1097522"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097523",
        "url": "https://bugzilla.suse.com/1097523"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11806 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12891 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12891/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12892 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12892/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12893 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12893/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-3665 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-3665/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2018-07-25T09:01:02Z",
      "generator": {
        "date": "2018-07-25T09:01:02Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:2059-1",
      "initial_release_date": "2018-07-25T09:01:02Z",
      "revision_history": [
        {
          "date": "2018-07-25T09:01:02Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.9.2_08-3.35.2.aarch64",
                "product": {
                  "name": "xen-devel-4.9.2_08-3.35.2.aarch64",
                  "product_id": "xen-devel-4.9.2_08-3.35.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-libs-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-libs-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-devel-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-devel-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-doc-html-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-doc-html-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-tools-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-tools-4.9.2_08-3.35.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.9.2_08-3.35.2.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.9.2_08-3.35.2.x86_64",
                  "product_id": "xen-tools-domU-4.9.2_08-3.35.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_id": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.9.2_08-3.35.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64"
        },
        "product_reference": "xen-devel-4.9.2_08-3.35.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-devel-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-tools-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-tools-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.2_08-3.35.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.2_08-3.35.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-11806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11806",
          "url": "https://www.suse.com/security/cve/CVE-2018-11806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096223 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1096223"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096224 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1096224"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-25T09:01:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-11806"
    },
    {
      "cve": "CVE-2018-12891",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12891"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12891",
          "url": "https://www.suse.com/security/cve/CVE-2018-12891"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097521 for CVE-2018-12891",
          "url": "https://bugzilla.suse.com/1097521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-12891",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-25T09:01:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12891"
    },
    {
      "cve": "CVE-2018-12892",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12892"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as \"sd\" in the libxl disk configuration, or an equivalent) are affected. IDE disks (\"hd\") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12892",
          "url": "https://www.suse.com/security/cve/CVE-2018-12892"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097523 for CVE-2018-12892",
          "url": "https://bugzilla.suse.com/1097523"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-25T09:01:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12892"
    },
    {
      "cve": "CVE-2018-12893",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12893"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12893",
          "url": "https://www.suse.com/security/cve/CVE-2018-12893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097522 for CVE-2018-12893",
          "url": "https://bugzilla.suse.com/1097522"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-12893",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-25T09:01:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12893"
    },
    {
      "cve": "CVE-2018-3665",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-3665"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-3665",
          "url": "https://www.suse.com/security/cve/CVE-2018-3665"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087078 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087086 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087086"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1090338 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1090338"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1095241 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1095241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1095242 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1095242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096740 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1096740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1100091 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1100091"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1100555 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1100555"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.2_08-3.35.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.2_08-3.35.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-25T09:01:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-3665"
    }
  ]
}

CVE-2018-12892 (GCVE-0-2018-12892)

Vulnerability from cvelistv5

Published

2018-07-02 17:00

Modified

2024-08-05 08:45

Severity ?

CWE

Summary

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as "sd" in the libxl disk configuration, or an equivalent) are affected. IDE disks ("hd") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.

References

►

URL

Tags

	https://www.debian.org/security/2018/dsa-4236	vendor-advisory, x_refsource_DEBIAN
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/bid/104571	vdb-entry, x_refsource_BID
	http://xenbits.xen.org/xsa/advisory-266.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041203	vdb-entry, x_refsource_SECTRACK
	http://www.openwall.com/lists/oss-security/2018/06/27/12	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:45:02.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4236",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4236"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "104571",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104571"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-266.html"
          },
          {
            "name": "1041203",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041203"
          },
          {
            "name": "[oss-security] 20180627 Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/27/12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as \"sd\" in the libxl disk configuration, or an equivalent) are affected. IDE disks (\"hd\") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4236",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4236"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "104571",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104571"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-266.html"
        },
        {
          "name": "1041203",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041203"
        },
        {
          "name": "[oss-security] 20180627 Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/27/12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-12892",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as \"sd\" in the libxl disk configuration, or an equivalent) are affected. IDE disks (\"hd\") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4236",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4236"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "104571",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104571"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-266.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-266.html"
            },
            {
              "name": "1041203",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041203"
            },
            {
              "name": "[oss-security] 20180627 Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/27/12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12892",
    "datePublished": "2018-07-02T17:00:00",
    "dateReserved": "2018-06-26T00:00:00",
    "dateUpdated": "2024-08-05T08:45:02.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-12893 (GCVE-0-2018-12893)

Vulnerability from cvelistv5

Published

2018-07-02 17:00

Modified

2024-08-05 08:45

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.

References

►

URL

Tags

	http://www.openwall.com/lists/oss-security/2018/06/27/11	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2018/dsa-4236	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX235748	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1590979	x_refsource_CONFIRM
	http://xenbits.xen.org/xsa/advisory-265.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104572	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1041202	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:45:02.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
          },
          {
            "name": "DSA-4236",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4236"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235748"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-265.html"
          },
          {
            "name": "104572",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104572"
          },
          {
            "name": "1041202",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041202"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
        },
        {
          "name": "DSA-4236",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4236"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235748"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-265.html"
        },
        {
          "name": "104572",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104572"
        },
        {
          "name": "1041202",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041202"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-12893",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
            },
            {
              "name": "DSA-4236",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4236"
            },
            {
              "name": "https://support.citrix.com/article/CTX235748",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235748"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-265.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-265.html"
            },
            {
              "name": "104572",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104572"
            },
            {
              "name": "1041202",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041202"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12893",
    "datePublished": "2018-07-02T17:00:00",
    "dateReserved": "2018-06-26T00:00:00",
    "dateUpdated": "2024-08-05T08:45:02.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-12891 (GCVE-0-2018-12891)

Vulnerability from cvelistv5

Published

2018-07-02 17:00

Modified

2024-08-05 08:45

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.

References

►

URL

Tags

	https://www.debian.org/security/2018/dsa-4236	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX235748	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	http://xenbits.xen.org/xsa/advisory-264.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041201	vdb-entry, x_refsource_SECTRACK
	http://www.openwall.com/lists/oss-security/2018/06/27/10	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/104570	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:45:02.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4236",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4236"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235748"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-264.html"
          },
          {
            "name": "1041201",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041201"
          },
          {
            "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
          },
          {
            "name": "104570",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104570"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4236",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4236"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235748"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-264.html"
        },
        {
          "name": "1041201",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041201"
        },
        {
          "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
        },
        {
          "name": "104570",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104570"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-12891",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4236",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4236"
            },
            {
              "name": "https://support.citrix.com/article/CTX235748",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235748"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-264.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-264.html"
            },
            {
              "name": "1041201",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041201"
            },
            {
              "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
            },
            {
              "name": "104570",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104570"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12891",
    "datePublished": "2018-07-02T17:00:00",
    "dateReserved": "2018-06-26T00:00:00",
    "dateUpdated": "2024-08-05T08:45:02.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-11806 (GCVE-0-2018-11806)

Vulnerability from cvelistv5

Published

2018-06-13 16:00

Modified

2024-08-05 08:17

Severity ?

CWE

Summary

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2018:2762	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/104400	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3826-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2018/06/07/1	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1586245	x_refsource_CONFIRM
	https://www.zerodayinitiative.com/advisories/ZDI-18-567/	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:2462	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2822	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2887	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2019/dsa-4454	vendor-advisory, x_refsource_DEBIAN
	https://seclists.org/bugtraq/2019/May/76	mailing-list, x_refsource_BUGTRAQ
	https://access.redhat.com/errata/RHSA-2019:2892	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:09.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:2762",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2762"
          },
          {
            "name": "104400",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104400"
          },
          {
            "name": "USN-3826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3826-1/"
          },
          {
            "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
          },
          {
            "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
          },
          {
            "name": "RHSA-2018:2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2462"
          },
          {
            "name": "RHSA-2018:2822",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2822"
          },
          {
            "name": "RHSA-2018:2887",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2887"
          },
          {
            "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
          },
          {
            "name": "DSA-4454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4454"
          },
          {
            "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/76"
          },
          {
            "name": "RHSA-2019:2892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2892"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-24T15:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2018:2762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2762"
        },
        {
          "name": "104400",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104400"
        },
        {
          "name": "USN-3826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3826-1/"
        },
        {
          "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
        },
        {
          "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
        },
        {
          "name": "RHSA-2018:2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2462"
        },
        {
          "name": "RHSA-2018:2822",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2822"
        },
        {
          "name": "RHSA-2018:2887",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2887"
        },
        {
          "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
        },
        {
          "name": "DSA-4454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4454"
        },
        {
          "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/76"
        },
        {
          "name": "RHSA-2019:2892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2892"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:2762",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2762"
            },
            {
              "name": "104400",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104400"
            },
            {
              "name": "USN-3826-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3826-1/"
            },
            {
              "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
              "refsource": "MLIST",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
            },
            {
              "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
            },
            {
              "name": "RHSA-2018:2462",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2462"
            },
            {
              "name": "RHSA-2018:2822",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2822"
            },
            {
              "name": "RHSA-2018:2887",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2887"
            },
            {
              "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
            },
            {
              "name": "DSA-4454",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4454"
            },
            {
              "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/76"
            },
            {
              "name": "RHSA-2019:2892",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2892"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11806",
    "datePublished": "2018-06-13T16:00:00",
    "dateReserved": "2018-06-05T00:00:00",
    "dateUpdated": "2024-08-05T08:17:09.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-3665 (GCVE-0-2018-3665)

Vulnerability from cvelistv5

Published

2018-06-21 20:00

Modified

2024-09-17 01:01

Severity ?

CWE

Information Disclosure

Summary

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

References

►

URL

Tags

	https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:2164	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3696-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1041125	vdb-entry, x_refsource_SECTRACK
	https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:1944	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1852	vendor-advisory, x_refsource_REDHAT
	https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc	vendor-advisory, x_refsource_FREEBSD
	http://www.securitytracker.com/id/1041124	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2018:2165	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2018/dsa-4232	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3698-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3696-2/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/104460	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3698-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:1170	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1190	vendor-advisory, x_refsource_REDHAT
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://nvidia.custhelp.com/app/answers/detail/a_id/4787	x_refsource_CONFIRM
	https://www.synology.com/support/security/Synology_SA_18_31	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-20181016-0001/	x_refsource_CONFIRM
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX235745	x_refsource_CONFIRM
	https://security.paloaltonetworks.com/CVE-2018-3665	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel Core-based microprocessors	Version: All

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
          },
          {
            "name": "RHSA-2018:2164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2164"
          },
          {
            "name": "USN-3696-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-1/"
          },
          {
            "name": "1041125",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041125"
          },
          {
            "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
          },
          {
            "name": "RHSA-2018:1944",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1944"
          },
          {
            "name": "RHSA-2018:1852",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1852"
          },
          {
            "name": "FreeBSD-SA-18:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
          },
          {
            "name": "1041124",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041124"
          },
          {
            "name": "RHSA-2018:2165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2165"
          },
          {
            "name": "DSA-4232",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4232"
          },
          {
            "name": "USN-3698-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-1/"
          },
          {
            "name": "USN-3696-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-2/"
          },
          {
            "name": "104460",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104460"
          },
          {
            "name": "USN-3698-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-2/"
          },
          {
            "name": "RHSA-2019:1170",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1170"
          },
          {
            "name": "RHSA-2019:1190",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1190"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_31"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235745"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Core-based microprocessors",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-15T02:22:59",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
        },
        {
          "name": "RHSA-2018:2164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2164"
        },
        {
          "name": "USN-3696-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-1/"
        },
        {
          "name": "1041125",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041125"
        },
        {
          "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
        },
        {
          "name": "RHSA-2018:1944",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1944"
        },
        {
          "name": "RHSA-2018:1852",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1852"
        },
        {
          "name": "FreeBSD-SA-18:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
        },
        {
          "name": "1041124",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041124"
        },
        {
          "name": "RHSA-2018:2165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2165"
        },
        {
          "name": "DSA-4232",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4232"
        },
        {
          "name": "USN-3698-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-1/"
        },
        {
          "name": "USN-3696-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-2/"
        },
        {
          "name": "104460",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104460"
        },
        {
          "name": "USN-3698-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-2/"
        },
        {
          "name": "RHSA-2019:1170",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1170"
        },
        {
          "name": "RHSA-2019:1190",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1190"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_31"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235745"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-06-13T00:00:00",
          "ID": "CVE-2018-3665",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Core-based microprocessors",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
            },
            {
              "name": "RHSA-2018:2164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2164"
            },
            {
              "name": "USN-3696-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-1/"
            },
            {
              "name": "1041125",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041125"
            },
            {
              "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
            },
            {
              "name": "RHSA-2018:1944",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1944"
            },
            {
              "name": "RHSA-2018:1852",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1852"
            },
            {
              "name": "FreeBSD-SA-18:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
            },
            {
              "name": "1041124",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041124"
            },
            {
              "name": "RHSA-2018:2165",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2165"
            },
            {
              "name": "DSA-4232",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4232"
            },
            {
              "name": "USN-3698-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-1/"
            },
            {
              "name": "USN-3696-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-2/"
            },
            {
              "name": "104460",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104460"
            },
            {
              "name": "USN-3698-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-2/"
            },
            {
              "name": "RHSA-2019:1170",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1170"
            },
            {
              "name": "RHSA-2019:1190",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1190"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_31",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_31"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20181016-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
            },
            {
              "name": "https://support.citrix.com/article/CTX235745",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235745"
            },
            {
              "name": "https://security.paloaltonetworks.com/CVE-2018-3665",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3665",
    "datePublished": "2018-06-21T20:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-17T01:01:36.405Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2018:2059-1

Vulnerability from csaf_suse

CVE-2018-12892 (GCVE-0-2018-12892)

Vulnerability from cvelistv5

CVE-2018-12893 (GCVE-0-2018-12893)

Vulnerability from cvelistv5

CVE-2018-12891 (GCVE-0-2018-12891)

Vulnerability from cvelistv5

CVE-2018-11806 (GCVE-0-2018-11806)

Vulnerability from cvelistv5

CVE-2018-3665 (GCVE-0-2018-3665)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature