ID de Prueba:	1.3.6.1.4.1.25623.1.0.851864
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for xen (openSUSE-SU-2018:2434-1)
Resumen:	The remote host is missing an update for the 'xen'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'xen' package(s) announced via the referenced advisory. Vulnerability Insight: This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bsc#1091107, bsc#1027519). - Incorrect MSR_DEBUGCTL handling let guests enable BTS allowing a malicious or buggy guest administrator can lock up the entire host (bsc#1103276) This update was imported from the SUSE:SLE-12-SP3:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-910=1 Affected Software/OS: xen on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 4.7 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-3646 BugTraq ID: 105080 http://www.securityfocus.com/bid/105080 CERT/CC vulnerability note: VU#982149 https://www.kb.cert.org/vuls/id/982149 Cisco Security Advisory: 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.vmware.com/security/advisories/VMSA-2018-0020.html http://xenbits.xen.org/xsa/advisory-273.html https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010 https://security.netapp.com/advisory/ntap-20180815-0001/ https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault https://support.f5.com/csp/article/K31300402 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.synology.com/support/security/Synology_SA_18_45 Debian Security Information: DSA-4274 (Google Search) https://www.debian.org/security/2018/dsa-4274 Debian Security Information: DSA-4279 (Google Search) https://www.debian.org/security/2018/dsa-4279 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/ FreeBSD Security Advisory: FreeBSD-SA-18:09 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc https://security.gentoo.org/glsa/201810-06 https://foreshadowattack.eu/ https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html RedHat Security Advisories: RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2384 RedHat Security Advisories: RHSA-2018:2387 https://access.redhat.com/errata/RHSA-2018:2387 RedHat Security Advisories: RHSA-2018:2388 https://access.redhat.com/errata/RHSA-2018:2388 RedHat Security Advisories: RHSA-2018:2389 https://access.redhat.com/errata/RHSA-2018:2389 RedHat Security Advisories: RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2390 RedHat Security Advisories: RHSA-2018:2391 https://access.redhat.com/errata/RHSA-2018:2391 RedHat Security Advisories: RHSA-2018:2392 https://access.redhat.com/errata/RHSA-2018:2392 RedHat Security Advisories: RHSA-2018:2393 https://access.redhat.com/errata/RHSA-2018:2393 RedHat Security Advisories: RHSA-2018:2394 https://access.redhat.com/errata/RHSA-2018:2394 RedHat Security Advisories: RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2395 RedHat Security Advisories: RHSA-2018:2396 https://access.redhat.com/errata/RHSA-2018:2396 RedHat Security Advisories: RHSA-2018:2402 https://access.redhat.com/errata/RHSA-2018:2402 RedHat Security Advisories: RHSA-2018:2403 https://access.redhat.com/errata/RHSA-2018:2403 RedHat Security Advisories: RHSA-2018:2404 https://access.redhat.com/errata/RHSA-2018:2404 RedHat Security Advisories: RHSA-2018:2602 https://access.redhat.com/errata/RHSA-2018:2602 RedHat Security Advisories: RHSA-2018:2603 https://access.redhat.com/errata/RHSA-2018:2603 http://www.securitytracker.com/id/1041451 http://www.securitytracker.com/id/1042004 https://usn.ubuntu.com/3740-1/ https://usn.ubuntu.com/3740-2/ https://usn.ubuntu.com/3741-1/ https://usn.ubuntu.com/3741-2/ https://usn.ubuntu.com/3742-1/ https://usn.ubuntu.com/3742-2/ https://usn.ubuntu.com/3756-1/ https://usn.ubuntu.com/3823-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.