Vulnerability from csaf_suse
Published
2020-09-29 12:12
Modified
2020-09-29 12:12
Summary
Security update for xen
Notes
Title of the patch
Security update for xen
Description of the patch
This update for xen fixes the following issues:
- CVE-2020-25604: Fixed a race condition when migrating timers between x86
HVM vCPU-s (bsc#1176343,XSA-336)
- CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337)
- CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338)
- CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339)
- CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340)
- CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342)
- CVE-2020-25599: Fixed race conditions with evtchn_reset() (bsc#1176349,XSA-343)
- CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)
- CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534).
- Various bug fixes (bsc#1027519)
Patchnames
HPE-Helion-OpenStack-8-2020-2787,SUSE-2020-2787,SUSE-OpenStack-Cloud-8-2020-2787,SUSE-OpenStack-Cloud-Crowbar-8-2020-2787,SUSE-SLE-SAP-12-SP3-2020-2787,SUSE-SLE-SERVER-12-SP3-2020-2787,SUSE-SLE-SERVER-12-SP3-BCL-2020-2787,SUSE-Storage-5-2020-2787
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for xen", title: "Title of the patch", }, { category: "description", text: "This update for xen fixes the following issues:\n\n- CVE-2020-25604: Fixed a race condition when migrating timers between x86 \n HVM vCPU-s (bsc#1176343,XSA-336)\n- CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337)\n- CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338)\n- CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339)\n- CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340)\n- CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342)\n- CVE-2020-25599: Fixed race conditions with evtchn_reset() (bsc#1176349,XSA-343)\n- CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)\t \n- CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534).\n- Various bug fixes (bsc#1027519)\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2020-2787,SUSE-2020-2787,SUSE-OpenStack-Cloud-8-2020-2787,SUSE-OpenStack-Cloud-Crowbar-8-2020-2787,SUSE-SLE-SAP-12-SP3-2020-2787,SUSE-SLE-SERVER-12-SP3-2020-2787,SUSE-SLE-SERVER-12-SP3-BCL-2020-2787,SUSE-Storage-5-2020-2787", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2787-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:2787-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20202787-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:2787-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-September/007501.html", }, { category: "self", summary: "SUSE Bug 1175534", url: "https://bugzilla.suse.com/1175534", }, { category: "self", summary: "SUSE Bug 1176343", url: "https://bugzilla.suse.com/1176343", }, { category: "self", summary: "SUSE Bug 1176344", url: "https://bugzilla.suse.com/1176344", }, { category: "self", summary: "SUSE Bug 1176345", url: "https://bugzilla.suse.com/1176345", }, { category: "self", summary: "SUSE Bug 1176346", url: "https://bugzilla.suse.com/1176346", }, { category: "self", summary: "SUSE Bug 1176347", url: "https://bugzilla.suse.com/1176347", }, { category: "self", summary: "SUSE Bug 1176348", url: "https://bugzilla.suse.com/1176348", }, { category: "self", summary: "SUSE Bug 1176349", url: "https://bugzilla.suse.com/1176349", }, { category: "self", summary: "SUSE Bug 1176350", url: "https://bugzilla.suse.com/1176350", }, { category: "self", summary: "SUSE CVE CVE-2020-14364 page", url: "https://www.suse.com/security/cve/CVE-2020-14364/", }, { category: "self", summary: "SUSE CVE CVE-2020-25595 page", url: "https://www.suse.com/security/cve/CVE-2020-25595/", }, { category: "self", summary: "SUSE CVE CVE-2020-25596 page", url: "https://www.suse.com/security/cve/CVE-2020-25596/", }, { category: "self", summary: "SUSE CVE CVE-2020-25597 page", url: "https://www.suse.com/security/cve/CVE-2020-25597/", }, { category: "self", summary: "SUSE CVE CVE-2020-25599 page", url: "https://www.suse.com/security/cve/CVE-2020-25599/", }, { category: "self", summary: "SUSE CVE CVE-2020-25600 page", url: "https://www.suse.com/security/cve/CVE-2020-25600/", }, { category: "self", summary: "SUSE CVE CVE-2020-25601 page", url: "https://www.suse.com/security/cve/CVE-2020-25601/", }, { category: "self", summary: "SUSE CVE CVE-2020-25603 page", url: "https://www.suse.com/security/cve/CVE-2020-25603/", }, { category: "self", summary: "SUSE CVE CVE-2020-25604 page", url: "https://www.suse.com/security/cve/CVE-2020-25604/", }, ], title: "Security update for xen", tracking: { current_release_date: "2020-09-29T12:12:46Z", generator: { date: "2020-09-29T12:12:46Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:2787-1", initial_release_date: "2020-09-29T12:12:46Z", revision_history: [ { date: "2020-09-29T12:12:46Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "xen-4.9.4_12-3.74.1.aarch64", product: { name: "xen-4.9.4_12-3.74.1.aarch64", product_id: "xen-4.9.4_12-3.74.1.aarch64", }, }, { category: "product_version", name: "xen-devel-4.9.4_12-3.74.1.aarch64", product: { name: "xen-devel-4.9.4_12-3.74.1.aarch64", product_id: "xen-devel-4.9.4_12-3.74.1.aarch64", }, }, { category: "product_version", name: "xen-doc-html-4.9.4_12-3.74.1.aarch64", product: { name: "xen-doc-html-4.9.4_12-3.74.1.aarch64", product_id: "xen-doc-html-4.9.4_12-3.74.1.aarch64", }, }, { category: "product_version", name: "xen-libs-4.9.4_12-3.74.1.aarch64", product: { name: "xen-libs-4.9.4_12-3.74.1.aarch64", product_id: "xen-libs-4.9.4_12-3.74.1.aarch64", }, }, { category: "product_version", name: "xen-tools-4.9.4_12-3.74.1.aarch64", product: { name: "xen-tools-4.9.4_12-3.74.1.aarch64", product_id: "xen-tools-4.9.4_12-3.74.1.aarch64", }, }, { category: "product_version", name: "xen-tools-domU-4.9.4_12-3.74.1.aarch64", product: { name: "xen-tools-domU-4.9.4_12-3.74.1.aarch64", product_id: "xen-tools-domU-4.9.4_12-3.74.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "xen-libs-64bit-4.9.4_12-3.74.1.aarch64_ilp32", product: { name: "xen-libs-64bit-4.9.4_12-3.74.1.aarch64_ilp32", product_id: "xen-libs-64bit-4.9.4_12-3.74.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "xen-devel-4.9.4_12-3.74.1.i586", product: { name: "xen-devel-4.9.4_12-3.74.1.i586", product_id: "xen-devel-4.9.4_12-3.74.1.i586", }, }, { category: "product_version", name: "xen-libs-4.9.4_12-3.74.1.i586", product: { name: "xen-libs-4.9.4_12-3.74.1.i586", product_id: "xen-libs-4.9.4_12-3.74.1.i586", }, }, { category: "product_version", name: "xen-tools-domU-4.9.4_12-3.74.1.i586", product: { name: "xen-tools-domU-4.9.4_12-3.74.1.i586", product_id: "xen-tools-domU-4.9.4_12-3.74.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "xen-4.9.4_12-3.74.1.x86_64", product: { name: "xen-4.9.4_12-3.74.1.x86_64", product_id: "xen-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-doc-html-4.9.4_12-3.74.1.x86_64", product: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64", product_id: "xen-doc-html-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-libs-4.9.4_12-3.74.1.x86_64", product: { name: "xen-libs-4.9.4_12-3.74.1.x86_64", product_id: "xen-libs-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", product: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", product_id: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-tools-4.9.4_12-3.74.1.x86_64", product: { name: "xen-tools-4.9.4_12-3.74.1.x86_64", product_id: "xen-tools-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", product: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", product_id: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, }, { category: "product_version", name: "xen-devel-4.9.4_12-3.74.1.x86_64", product: { name: "xen-devel-4.9.4_12-3.74.1.x86_64", product_id: "xen-devel-4.9.4_12-3.74.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 5", product: { name: "SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5", product_identification_helper: { cpe: "cpe:/o:suse:ses:5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "xen-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "xen-doc-html-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-doc-html-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "xen-libs-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-libs-32bit-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "xen-tools-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "xen-tools-domU-4.9.4_12-3.74.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", }, product_reference: "xen-tools-domU-4.9.4_12-3.74.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-14364", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14364", }, ], notes: [ { category: "general", text: "An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14364", url: "https://www.suse.com/security/cve/CVE-2020-14364", }, { category: "external", summary: "SUSE Bug 1175441 for CVE-2020-14364", url: "https://bugzilla.suse.com/1175441", }, { category: "external", summary: "SUSE Bug 1175534 for CVE-2020-14364", url: "https://bugzilla.suse.com/1175534", }, { category: "external", summary: "SUSE Bug 1176494 for CVE-2020-14364", url: "https://bugzilla.suse.com/1176494", }, { category: "external", summary: "SUSE Bug 1177130 for CVE-2020-14364", url: "https://bugzilla.suse.com/1177130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "moderate", }, ], title: "CVE-2020-14364", }, { cve: "CVE-2020-25595", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25595", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for devices to have out-of-spec \"backdoor\" operations that can affect the result of these reads. A not fully trusted guest may be able to crash Xen, leading to a Denial of Service (DoS) for the entire system. Privilege escalation and information leaks cannot be excluded. All versions of Xen supporting PCI passthrough are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only guests with passed through PCI devices may be able to leverage the vulnerability. Only systems passing through devices with out-of-spec (\"backdoor\") functionality can cause issues. Experience shows that such out-of-spec functionality is common; unless you have reason to believe that your device does not have such functionality, it's better to assume that it does.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25595", url: "https://www.suse.com/security/cve/CVE-2020-25595", }, { category: "external", summary: "SUSE Bug 1176344 for CVE-2020-25595", url: "https://bugzilla.suse.com/1176344", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2020-25595", url: "https://bugzilla.suse.com/1178658", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "important", }, ], title: "CVE-2020-25595", }, { cve: "CVE-2020-25596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25596", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege #GP fault (typically fatal) rather than a user-privilege #GP fault (usually converted into SIGSEGV/etc.). Malicious or buggy userspace can crash the guest kernel, resulting in a VM Denial of Service. All versions of Xen from 3.2 onwards are vulnerable. Only x86 systems are vulnerable. ARM platforms are not vulnerable. Only x86 systems that support the SYSENTER instruction in 64bit mode are vulnerable. This is believed to be Intel, Centaur, and Shanghai CPUs. AMD and Hygon CPUs are not believed to be vulnerable. Only x86 PV guests can exploit the vulnerability. x86 PVH / HVM guests cannot exploit the vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25596", url: "https://www.suse.com/security/cve/CVE-2020-25596", }, { category: "external", summary: "SUSE Bug 1176345 for CVE-2020-25596", url: "https://bugzilla.suse.com/1176345", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2020-25596", url: "https://bugzilla.suse.com/1178658", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "moderate", }, ], title: "CVE-2020-25596", }, { cve: "CVE-2020-25597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25597", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest. However, operations like the resetting of all event channels may involve decreasing one of the bounds checked when determining validity. This may lead to bug checks triggering, crashing the host. An unprivileged guest may be able to crash Xen, leading to a Denial of Service (DoS) for the entire system. All Xen versions from 4.4 onwards are vulnerable. Xen versions 4.3 and earlier are not vulnerable. Only systems with untrusted guests permitted to create more than the default number of event channels are vulnerable. This number depends on the architecture and type of guest. For 32-bit x86 PV guests, this is 1023; for 64-bit x86 PV guests, and for all ARM guests, this number is 4095. Systems where untrusted guests are limited to fewer than this number are not vulnerable. Note that xl and libxl limit max_event_channels to 1023 by default, so systems using exclusively xl, libvirt+libxl, or their own toolstack based on libxl, and not explicitly setting max_event_channels, are not vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25597", url: "https://www.suse.com/security/cve/CVE-2020-25597", }, { category: "external", summary: "SUSE Bug 1176346 for CVE-2020-25597", url: "https://bugzilla.suse.com/1176346", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "moderate", }, ], title: "CVE-2020-25597", }, { cve: "CVE-2020-25599", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25599", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses or triggering of bug checks. In particular, x86 PV guests may be able to elevate their privilege to that of the host. Host and guest crashes are also possible, leading to a Denial of Service (DoS). Information leaks cannot be ruled out. All Xen versions from 4.5 onwards are vulnerable. Xen versions 4.4 and earlier are not vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25599", url: "https://www.suse.com/security/cve/CVE-2020-25599", }, { category: "external", summary: "SUSE Bug 1176349 for CVE-2020-25599", url: "https://bugzilla.suse.com/1176349", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "important", }, ], title: "CVE-2020-25599", }, { cve: "CVE-2020-25600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25600", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bit or Arm (either bitness) ones. 32-bit x86 domains can use only 1023 channels, due to limited space in their shared (between guest and Xen) information structure, whereas all other domains can use up to 4095 in this model. The recording of the respective limit during domain initialization, however, has occurred at a time where domains are still deemed to be 64-bit ones, prior to actually honoring respective domain properties. At the point domains get recognized as 32-bit ones, the limit didn't get updated accordingly. Due to this misbehavior in Xen, 32-bit domains (including Domain 0) servicing other domains may observe event channel allocations to succeed when they should really fail. Subsequent use of such event channels would then possibly lead to corruption of other parts of the shared info structure. An unprivileged guest may cause another domain, in particular Domain 0, to misbehave. This may lead to a Denial of Service (DoS) for the entire system. All Xen versions from 4.4 onwards are vulnerable. Xen versions 4.3 and earlier are not vulnerable. Only x86 32-bit domains servicing other domains are vulnerable. Arm systems, as well as x86 64-bit domains, are not vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25600", url: "https://www.suse.com/security/cve/CVE-2020-25600", }, { category: "external", summary: "SUSE Bug 1176348 for CVE-2020-25600", url: "https://bugzilla.suse.com/1176348", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "important", }, ], title: "CVE-2020-25600", }, { cve: "CVE-2020-25601", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25601", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these (when resetting all event channels or when cleaning up after the guest) may take extended periods of time. So far, there was no arrangement for preemption at suitable intervals, allowing a CPU to spend an almost unbounded amount of time in the processing of these operations. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. All Xen versions are vulnerable in principle. Whether versions 4.3 and older are vulnerable depends on underlying hardware characteristics.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25601", url: "https://www.suse.com/security/cve/CVE-2020-25601", }, { category: "external", summary: "SUSE Bug 1176350 for CVE-2020-25601", url: "https://bugzilla.suse.com/1176350", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "moderate", }, ], title: "CVE-2020-25601", }, { cve: "CVE-2020-25603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25603", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier (e.g., smp_*mb()) to prevent both the compiler and CPU from re-ordering access. A malicious guest may be able to cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded. Systems running all versions of Xen are affected. Whether a system is vulnerable will depend on the CPU and compiler used to build Xen. For all systems, the presence and the scope of the vulnerability depend on the precise re-ordering performed by the compiler used to build Xen. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code generation options). GCC documentation clearly suggests that re-ordering is possible. Arm systems will also be vulnerable if the CPU is able to re-order memory access. Please consult your CPU vendor. x86 systems are only vulnerable if a compiler performs re-ordering.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25603", url: "https://www.suse.com/security/cve/CVE-2020-25603", }, { category: "external", summary: "SUSE Bug 1176347 for CVE-2020-25603", url: "https://bugzilla.suse.com/1176347", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2020-25603", url: "https://bugzilla.suse.com/1178658", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "important", }, ], title: "CVE-2020-25603", }, { cve: "CVE-2020-25604", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25604", }, ], notes: [ { category: "general", text: "An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to release a lock that it didn't acquire. The most likely effect of the issue is a hang or crash of the hypervisor, i.e., a Denial of Service (DoS). All versions of Xen are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only x86 HVM guests can leverage the vulnerability. x86 PV and PVH cannot leverage the vulnerability. Only guests with more than one vCPU can exploit the vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25604", url: "https://www.suse.com/security/cve/CVE-2020-25604", }, { category: "external", summary: "SUSE Bug 1176343 for CVE-2020-25604", url: "https://bugzilla.suse.com/1176343", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2020-25604", url: "https://bugzilla.suse.com/1178658", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:xen-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-libs-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-4.9.4_12-3.74.1.x86_64", "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_12-3.74.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_12-3.74.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-09-29T12:12:46Z", details: "moderate", }, ], title: "CVE-2020-25604", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.