SUSE-SU-2018:2056-1
Advisory lineage Upstream: 5 Downstream: 0
Published: 25 Jul 2018, 09:01
Last modified:04 Feb 2026, 02:55
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
25 Jul 2018, 09:01
Published
Vulnerability first disclosed
04 Feb 2026, 02:55
Last Modified
Vulnerability information updated
Description
Security update for xen This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744). - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). Bug fixes: - bsc#1079730: Fix failed 'write' lock. - bsc#1027519: Add upstream patches from January.
Affected Systems
- suse•xen&distro=SUSE Linux Enterprise Server 12-LTSS
< 4.4.4_34-22.71.2
References (13)
- https://www.suse.com/support/update/announcement/2018/suse-su-20182056-1/
- https://bugzilla.suse.com/1027519
- https://bugzilla.suse.com/1079730
- https://bugzilla.suse.com/1095242
- https://bugzilla.suse.com/1096224
- https://bugzilla.suse.com/1097521
- https://bugzilla.suse.com/1097522
- https://bugzilla.suse.com/1098744
- https://www.suse.com/security/cve/CVE-2018-11806
- https://www.suse.com/security/cve/CVE-2018-12617
- https://www.suse.com/security/cve/CVE-2018-12891
- https://www.suse.com/security/cve/CVE-2018-12893
- https://www.suse.com/security/cve/CVE-2018-3665