SUSE-SU-2018:2069-1

Advisory lineage Upstream: 5 Downstream: 0

Upstream

CVE-2018-11806 CVE-2018-12617 CVE-2018-12891 CVE-2018-12893 CVE-2018-3665

Published: 26 Jul 2018, 14:46

Last modified:04 Feb 2026, 02:13

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Jul 2018, 14:46

Published

Vulnerability first disclosed

04 Feb 2026, 02:13

Last Modified

Vulnerability information updated

Description

Security update for xen This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744). - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). Bug fixes: - bsc#1079730: Fix failed 'write' lock. - bsc#1027519: Add upstream patches from January.

Affected Systems

suse•xen&distro=SUSE Linux Enterprise Server 12 SP1-LTSS
< 4.5.5_24-22.52.3
suse•xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
< 4.5.5_24-22.52.3

SUSE-SU-2018:2069-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (13)