csaf_suse - suse-su-2018:3490-1

suse-su-2018:3490-1

Vulnerability from csaf_suse

Published

2018-10-26 11:09

Modified

2018-10-26 11:09

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: XEN was updated to the Xen 4.9.3 bug fix only release (bsc#1027519) - CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111014) - CVE-2018-15470: oxenstored might not have enforced the configured quota-maxentity. This allowed a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS. (XSA-272) (bsc#1103279) - CVE-2018-15469: ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash). (XSA-268) (bsc#1103275) Note that SUSE does not ship ARM Xen, so we are not affected. - CVE-2018-15468: The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service. (XSA-269) (bsc#1103276) - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. (XSA-273) (bsc#1091107) Non security issues fixed: - The affinity reporting via 'xl vcpu-list' was broken (bsc#1106263) - Kernel oops in fs/dcache.c called by d_materialise_unique() (bsc#1094508)

Patchnames

SUSE-SLE-DESKTOP-12-SP3-2018-2492,SUSE-SLE-SDK-12-SP3-2018-2492,SUSE-SLE-SERVER-12-SP3-2018-2492

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\nXEN was updated to the Xen 4.9.3 bug fix only release (bsc#1027519)\n\n- CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111014)\n- CVE-2018-15470: oxenstored might not have enforced the configured quota-maxentity. This allowed a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.  (XSA-272) (bsc#1103279)\n- CVE-2018-15469: ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash). (XSA-268) (bsc#1103275)\n  Note that SUSE does not ship ARM Xen, so we are not affected.\n- CVE-2018-15468: The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service. (XSA-269) (bsc#1103276)\n- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. (XSA-273) (bsc#1091107)\n\nNon security issues fixed:\n\n- The affinity reporting via \u0027xl vcpu-list\u0027 was broken (bsc#1106263)\n- Kernel oops in fs/dcache.c called by d_materialise_unique() (bsc#1094508)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-DESKTOP-12-SP3-2018-2492,SUSE-SLE-SDK-12-SP3-2018-2492,SUSE-SLE-SERVER-12-SP3-2018-2492",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3490-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:3490-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183490-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:3490-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004800.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027519",
        "url": "https://bugzilla.suse.com/1027519"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1078292",
        "url": "https://bugzilla.suse.com/1078292"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1091107",
        "url": "https://bugzilla.suse.com/1091107"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1094508",
        "url": "https://bugzilla.suse.com/1094508"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103275",
        "url": "https://bugzilla.suse.com/1103275"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103276",
        "url": "https://bugzilla.suse.com/1103276"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103279",
        "url": "https://bugzilla.suse.com/1103279"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106263",
        "url": "https://bugzilla.suse.com/1106263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111014",
        "url": "https://bugzilla.suse.com/1111014"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-15468 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-15468/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-15469 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-15469/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-15470 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-15470/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17963 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-3646 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-3646/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2018-10-26T11:09:27Z",
      "generator": {
        "date": "2018-10-26T11:09:27Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:3490-1",
      "initial_release_date": "2018-10-26T11:09:27Z",
      "revision_history": [
        {
          "date": "2018-10-26T11:09:27Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.9.3_03-3.44.2.aarch64",
                "product": {
                  "name": "xen-devel-4.9.3_03-3.44.2.aarch64",
                  "product_id": "xen-devel-4.9.3_03-3.44.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-libs-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-libs-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-devel-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-devel-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-doc-html-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-tools-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-tools-4.9.3_03-3.44.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
                  "product_id": "xen-tools-domU-4.9.3_03-3.44.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_id": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.9.3_03-3.44.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64"
        },
        "product_reference": "xen-devel-4.9.3_03-3.44.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-devel-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-tools-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-tools-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-15468",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-15468"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-15468",
          "url": "https://www.suse.com/security/cve/CVE-2018-15468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1103276 for CVE-2018-15468",
          "url": "https://bugzilla.suse.com/1103276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-26T11:09:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-15468"
    },
    {
      "cve": "CVE-2018-15469",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-15469"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-15469",
          "url": "https://www.suse.com/security/cve/CVE-2018-15469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1103275 for CVE-2018-15469",
          "url": "https://bugzilla.suse.com/1103275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-26T11:09:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-15469"
    },
    {
      "cve": "CVE-2018-15470",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-15470"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-15470",
          "url": "https://www.suse.com/security/cve/CVE-2018-15470"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1103279 for CVE-2018-15470",
          "url": "https://bugzilla.suse.com/1103279"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-26T11:09:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-15470"
    },
    {
      "cve": "CVE-2018-17963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17963",
          "url": "https://www.suse.com/security/cve/CVE-2018-17963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111013 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1111013"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111014 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1111014"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-26T11:09:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17963"
    },
    {
      "cve": "CVE-2018-3646",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-3646"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-3646",
          "url": "https://www.suse.com/security/cve/CVE-2018-3646"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087078 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1087078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087081 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1087081"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1089343 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1089343"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1091107 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1091107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1099306 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1099306"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1104365 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1104365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1104894 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1104894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1106548 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1106548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1113534 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1113534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1136865 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1136865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1178658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201877 for CVE-2018-3646",
          "url": "https://bugzilla.suse.com/1201877"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-26T11:09:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-3646"
    }
  ]
}

CVE-2018-15468 (GCVE-0-2018-15468)

Vulnerability from cvelistv5

Published

2018-08-17 17:00

Modified

2024-08-05 09:54

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.

References

►

URL

Tags

	http://xenbits.xen.org/xsa/advisory-269.html	x_refsource_MISC
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-269.html"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-269.html"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-15468",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://xenbits.xen.org/xsa/advisory-269.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-269.html"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-15468",
    "datePublished": "2018-08-17T17:00:00",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-08-05T09:54:03.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-3646 (GCVE-0-2018-3646)

Vulnerability from cvelistv5

Published

2018-08-14 19:00

Modified

2024-09-17 02:27

Severity ?

CWE

Information Disclosure

Summary

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

References

►

URL

Tags

	https://www.kb.cert.org/vuls/id/982149	third-party-advisory, x_refsource_CERT-VN
	http://www.securitytracker.com/id/1041451	vdb-entry, x_refsource_SECTRACK
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://usn.ubuntu.com/3741-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2393	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3823-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2389	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1042004	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2018:2390	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2403	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/105080	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2018:2395	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2384	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3740-2/	vendor-advisory, x_refsource_UBUNTU
	https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc	vendor-advisory, x_refsource_FREEBSD
	https://www.debian.org/security/2018/dsa-4274	vendor-advisory, x_refsource_DEBIAN
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/	vendor-advisory, x_refsource_FEDORA
	https://access.redhat.com/errata/RHSA-2018:2388	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3741-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2603	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2402	vendor-advisory, x_refsource_REDHAT
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel	vendor-advisory, x_refsource_CISCO
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/	vendor-advisory, x_refsource_FEDORA
	https://usn.ubuntu.com/3742-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2404	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3740-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2391	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2396	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2018/dsa-4279	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:2392	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3742-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2602	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:2394	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2387	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3756-1/	vendor-advisory, x_refsource_UBUNTU
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	x_refsource_CONFIRM
	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	x_refsource_MISC
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	http://xenbits.xen.org/xsa/advisory-273.html	x_refsource_CONFIRM
	https://foreshadowattack.eu/	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20180815-0001/	x_refsource_CONFIRM
	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018	x_refsource_CONFIRM
	http://support.lenovo.com/us/en/solutions/LEN-24163	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en	x_refsource_CONFIRM
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html	x_refsource_CONFIRM
	https://www.synology.com/support/security/Synology_SA_18_45	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us	x_refsource_CONFIRM
	https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf	x_refsource_CONFIRM
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010	x_refsource_CONFIRM
	http://www.vmware.com/security/advisories/VMSA-2018-0020.html	x_refsource_CONFIRM
	https://support.f5.com/csp/article/K31300402	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Multiple	Version: Multiple

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.406Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#982149",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/982149"
          },
          {
            "name": "1041451",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041451"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "USN-3741-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3741-2/"
          },
          {
            "name": "RHSA-2018:2393",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2393"
          },
          {
            "name": "USN-3823-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3823-1/"
          },
          {
            "name": "RHSA-2018:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2389"
          },
          {
            "name": "1042004",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042004"
          },
          {
            "name": "RHSA-2018:2390",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2390"
          },
          {
            "name": "RHSA-2018:2403",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2403"
          },
          {
            "name": "105080",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105080"
          },
          {
            "name": "RHSA-2018:2395",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2395"
          },
          {
            "name": "RHSA-2018:2384",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2384"
          },
          {
            "name": "USN-3740-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3740-2/"
          },
          {
            "name": "FreeBSD-SA-18:09",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
          },
          {
            "name": "DSA-4274",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4274"
          },
          {
            "name": "FEDORA-2018-1c80fea1cd",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
          },
          {
            "name": "RHSA-2018:2388",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2388"
          },
          {
            "name": "USN-3741-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3741-1/"
          },
          {
            "name": "RHSA-2018:2603",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2603"
          },
          {
            "name": "RHSA-2018:2402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2402"
          },
          {
            "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
          },
          {
            "name": "FEDORA-2018-f8cba144ae",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
          },
          {
            "name": "USN-3742-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3742-2/"
          },
          {
            "name": "RHSA-2018:2404",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2404"
          },
          {
            "name": "USN-3740-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3740-1/"
          },
          {
            "name": "RHSA-2018:2391",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2391"
          },
          {
            "name": "RHSA-2018:2396",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2396"
          },
          {
            "name": "DSA-4279",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4279"
          },
          {
            "name": "RHSA-2018:2392",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2392"
          },
          {
            "name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
          },
          {
            "name": "USN-3742-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3742-1/"
          },
          {
            "name": "RHSA-2018:2602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2602"
          },
          {
            "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
          },
          {
            "name": "RHSA-2018:2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2394"
          },
          {
            "name": "RHSA-2018:2387",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2387"
          },
          {
            "name": "USN-3756-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3756-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-273.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://foreshadowattack.eu/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_45"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K31300402"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple"
            }
          ]
        }
      ],
      "datePublic": "2018-08-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-15T02:22:59",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "VU#982149",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/982149"
        },
        {
          "name": "1041451",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041451"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "USN-3741-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3741-2/"
        },
        {
          "name": "RHSA-2018:2393",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2393"
        },
        {
          "name": "USN-3823-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3823-1/"
        },
        {
          "name": "RHSA-2018:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2389"
        },
        {
          "name": "1042004",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042004"
        },
        {
          "name": "RHSA-2018:2390",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2390"
        },
        {
          "name": "RHSA-2018:2403",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2403"
        },
        {
          "name": "105080",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105080"
        },
        {
          "name": "RHSA-2018:2395",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2395"
        },
        {
          "name": "RHSA-2018:2384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2384"
        },
        {
          "name": "USN-3740-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3740-2/"
        },
        {
          "name": "FreeBSD-SA-18:09",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
        },
        {
          "name": "DSA-4274",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4274"
        },
        {
          "name": "FEDORA-2018-1c80fea1cd",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
        },
        {
          "name": "RHSA-2018:2388",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2388"
        },
        {
          "name": "USN-3741-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3741-1/"
        },
        {
          "name": "RHSA-2018:2603",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2603"
        },
        {
          "name": "RHSA-2018:2402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2402"
        },
        {
          "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
        },
        {
          "name": "FEDORA-2018-f8cba144ae",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
        },
        {
          "name": "USN-3742-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3742-2/"
        },
        {
          "name": "RHSA-2018:2404",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2404"
        },
        {
          "name": "USN-3740-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3740-1/"
        },
        {
          "name": "RHSA-2018:2391",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2391"
        },
        {
          "name": "RHSA-2018:2396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2396"
        },
        {
          "name": "DSA-4279",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4279"
        },
        {
          "name": "RHSA-2018:2392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2392"
        },
        {
          "name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
        },
        {
          "name": "USN-3742-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3742-1/"
        },
        {
          "name": "RHSA-2018:2602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2602"
        },
        {
          "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
        },
        {
          "name": "RHSA-2018:2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2394"
        },
        {
          "name": "RHSA-2018:2387",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2387"
        },
        {
          "name": "USN-3756-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3756-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-273.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://foreshadowattack.eu/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_45"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K31300402"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-08-14T00:00:00",
          "ID": "CVE-2018-3646",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#982149",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/982149"
            },
            {
              "name": "1041451",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041451"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "USN-3741-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3741-2/"
            },
            {
              "name": "RHSA-2018:2393",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2393"
            },
            {
              "name": "USN-3823-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3823-1/"
            },
            {
              "name": "RHSA-2018:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2389"
            },
            {
              "name": "1042004",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042004"
            },
            {
              "name": "RHSA-2018:2390",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2390"
            },
            {
              "name": "RHSA-2018:2403",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2403"
            },
            {
              "name": "105080",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105080"
            },
            {
              "name": "RHSA-2018:2395",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2395"
            },
            {
              "name": "RHSA-2018:2384",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2384"
            },
            {
              "name": "USN-3740-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3740-2/"
            },
            {
              "name": "FreeBSD-SA-18:09",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
            },
            {
              "name": "DSA-4274",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4274"
            },
            {
              "name": "FEDORA-2018-1c80fea1cd",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
            },
            {
              "name": "RHSA-2018:2388",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2388"
            },
            {
              "name": "USN-3741-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3741-1/"
            },
            {
              "name": "RHSA-2018:2603",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2603"
            },
            {
              "name": "RHSA-2018:2402",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2402"
            },
            {
              "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
            },
            {
              "name": "FEDORA-2018-f8cba144ae",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
            },
            {
              "name": "USN-3742-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3742-2/"
            },
            {
              "name": "RHSA-2018:2404",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2404"
            },
            {
              "name": "USN-3740-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3740-1/"
            },
            {
              "name": "RHSA-2018:2391",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2391"
            },
            {
              "name": "RHSA-2018:2396",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2396"
            },
            {
              "name": "DSA-4279",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4279"
            },
            {
              "name": "RHSA-2018:2392",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2392"
            },
            {
              "name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
            },
            {
              "name": "USN-3742-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3742-1/"
            },
            {
              "name": "RHSA-2018:2602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2602"
            },
            {
              "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
            },
            {
              "name": "RHSA-2018:2394",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2394"
            },
            {
              "name": "RHSA-2018:2387",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2387"
            },
            {
              "name": "USN-3756-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3756-1/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-273.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-273.html"
            },
            {
              "name": "https://foreshadowattack.eu/",
              "refsource": "MISC",
              "url": "https://foreshadowattack.eu/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
              "refsource": "CONFIRM",
              "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_45",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_45"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
            },
            {
              "name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
              "refsource": "CONFIRM",
              "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K31300402",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K31300402"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3646",
    "datePublished": "2018-08-14T19:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-17T02:27:21.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15470 (GCVE-0-2018-15470)

Vulnerability from cvelistv5

Published

2018-08-17 17:00

Modified

2024-08-05 09:54

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.

References

►

URL

Tags

	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	http://xenbits.xen.org/xsa/advisory-272.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-272.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-272.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-15470",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-272.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-272.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-15470",
    "datePublished": "2018-08-17T17:00:00",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-08-05T09:54:03.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-17963 (GCVE-0-2018-17963)

Vulnerability from cvelistv5

Published

2018-10-09 22:00

Modified

2024-08-05 11:01

Severity ?

CWE

Summary

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.

References

►

URL

Tags

	http://www.openwall.com/lists/oss-security/2018/10/08/1	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2018/dsa-4338	vendor-advisory, x_refsource_DEBIAN
	https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3826-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html	mailing-list, x_refsource_MLIST
	https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2019:2166	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2425	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2553	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.685Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20181008 Qemu: integer overflow issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1"
          },
          {
            "name": "DSA-4338",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4338"
          },
          {
            "name": "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html"
          },
          {
            "name": "USN-3826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3826-1/"
          },
          {
            "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html"
          },
          {
            "name": "RHSA-2019:2166",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2166"
          },
          {
            "name": "RHSA-2019:2425",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2425"
          },
          {
            "name": "RHSA-2019:2553",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2553"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-27T04:32:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20181008 Qemu: integer overflow issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1"
        },
        {
          "name": "DSA-4338",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4338"
        },
        {
          "name": "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html"
        },
        {
          "name": "USN-3826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3826-1/"
        },
        {
          "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html"
        },
        {
          "name": "RHSA-2019:2166",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2166"
        },
        {
          "name": "RHSA-2019:2425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2425"
        },
        {
          "name": "RHSA-2019:2553",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2553"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17963",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20181008 Qemu: integer overflow issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1"
            },
            {
              "name": "DSA-4338",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4338"
            },
            {
              "name": "[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX",
              "refsource": "MLIST",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html"
            },
            {
              "name": "USN-3826-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3826-1/"
            },
            {
              "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
            },
            {
              "name": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html"
            },
            {
              "name": "RHSA-2019:2166",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2166"
            },
            {
              "name": "RHSA-2019:2425",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2425"
            },
            {
              "name": "RHSA-2019:2553",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2553"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17963",
    "datePublished": "2018-10-09T22:00:00",
    "dateReserved": "2018-10-03T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-15469 (GCVE-0-2018-15469)

Vulnerability from cvelistv5

Published

2018-08-17 17:00

Modified

2024-08-05 09:54

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).

References

►

URL

Tags

	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	http://xenbits.xen.org/xsa/advisory-268.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-268.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-268.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-15469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-268.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-268.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-15469",
    "datePublished": "2018-08-17T17:00:00",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-08-05T09:54:03.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2018:3490-1

Vulnerability from csaf_suse

CVE-2018-15468 (GCVE-0-2018-15468)

Vulnerability from cvelistv5

CVE-2018-3646 (GCVE-0-2018-3646)

Vulnerability from cvelistv5

CVE-2018-15470 (GCVE-0-2018-15470)

Vulnerability from cvelistv5

CVE-2018-17963 (GCVE-0-2018-17963)

Vulnerability from cvelistv5

CVE-2018-15469 (GCVE-0-2018-15469)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature