[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:4300-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":32,"duplicates":33,"related":34,"reserved_at":9,"published_at":44,"modified_at":45,"state":9,"summary":46,"references_raw":48,"kevs":145,"epss":9,"epss_history":146,"metrics":147,"affected":148},"SUSE-SU-2018:4300-1","Security update for xen\n\nThis update for xen fixes the following issues:\n\nUpdate to Xen 4.10.2 bug fix release (bsc#1027519).\n\nSecurity vulnerabilities fixed:\n\n- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB\n  flushing with AMD IOMMUs, which potentially allowed a guest to escalate its\n  privileges, may cause a Denial of Service (DoS) affecting the entire host, or\n  may be able to access data it is not supposed to access. (XSA-275)\n  (bsc#1115040)\n- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case\n  non-canonical addresses are accessed, which may allow a guest to cause Xen to\n  crash, resulting in a Denial of Service (DoS) affecting the entire host.\n  (XSA-279) (bsc#1115045)\n- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which\n  conflicted with shadow paging and allowed a guest to cause Xen to crash,\n  resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)\n- CVE-2018-18883: Fixed an issue related to inproper restriction of nested VT-x,\n  which allowed a guest to cause Xen to crash, resulting in a Denial of Service\n  (DoS). (XSA-278) (bsc#1114405)\n- CVE-2018-15468: Fixed incorrect MSR_DEBUGCTL handling, which allowed guests to\n  enable Branch Trace Store and may cause a Denial of Service (DoS) of the\n  entire host. (XSA-269) (bsc#1103276)\n- CVE-2018-15469: Fixed use of v2 grant tables on ARM, which were not properly\n  implemented and may cause a Denial of Service (DoS). (XSA-268) (bsc#1103275)\n- CVE-2018-15470: Fixed an issue in the logic in oxenstored for handling writes,\n  which allowed a guest to write memory unbounded leading to system-wide Denial\n  of Service (DoS). (XSA-272) (bsc#1103279)\n- CVE-2018-3646: Mitigations for VMM aspects of L1 Terminal Fault (XSA-273)\n  (bsc#1091107)\n\nOther bugs fixed:\n\n- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)\n- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)\n- Fixed a kernel oops related to fs/dcache.c called by d_materialise_unique() (bsc#1094508)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30],{"_key":15},"CVE-2018-15468",{"_key":17},"CVE-2018-15469",{"_key":19},"CVE-2018-15470",{"_key":21},"CVE-2018-18883",{"_key":23},"CVE-2018-19961",{"_key":25},"CVE-2018-19962",{"_key":27},"CVE-2018-19965",{"_key":29},"CVE-2018-19966",{"_key":31},"CVE-2018-3646",[],[],[35,36,37,38,39,40,41,42,43],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},"2018-12-28T17:38:50Z","2026-02-04T03:31:49.667650Z",{"cisa_kev":47,"cisa_ransomware":47,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[49,55,60,64,68,72,76,80,84,88,92,96,100,104,108,113,117,121,125,129,133,137,141],{"url":50,"sources":51,"tags":53},"https://www.suse.com/support/update/announcement/2018/suse-su-20184300-1/",[52],"osv_suse",[54],"Advisory",{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1027519",[52],[59],"REPORT",{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/1078292",[52],[59],{"url":65,"sources":66,"tags":67},"https://bugzilla.suse.com/1091107",[52],[59],{"url":69,"sources":70,"tags":71},"https://bugzilla.suse.com/1094508",[52],[59],{"url":73,"sources":74,"tags":75},"https://bugzilla.suse.com/1103275",[52],[59],{"url":77,"sources":78,"tags":79},"https://bugzilla.suse.com/1103276",[52],[59],{"url":81,"sources":82,"tags":83},"https://bugzilla.suse.com/1103279",[52],[59],{"url":85,"sources":86,"tags":87},"https://bugzilla.suse.com/1105528",[52],[59],{"url":89,"sources":90,"tags":91},"https://bugzilla.suse.com/1108940",[52],[59],{"url":93,"sources":94,"tags":95},"https://bugzilla.suse.com/1114405",[52],[59],{"url":97,"sources":98,"tags":99},"https://bugzilla.suse.com/1115040",[52],[59],{"url":101,"sources":102,"tags":103},"https://bugzilla.suse.com/1115045",[52],[59],{"url":105,"sources":106,"tags":107},"https://bugzilla.suse.com/1115047",[52],[59],{"url":109,"sources":110,"tags":111},"https://www.suse.com/security/cve/CVE-2018-15468",[52],[112],"WEB",{"url":114,"sources":115,"tags":116},"https://www.suse.com/security/cve/CVE-2018-15469",[52],[112],{"url":118,"sources":119,"tags":120},"https://www.suse.com/security/cve/CVE-2018-15470",[52],[112],{"url":122,"sources":123,"tags":124},"https://www.suse.com/security/cve/CVE-2018-18883",[52],[112],{"url":126,"sources":127,"tags":128},"https://www.suse.com/security/cve/CVE-2018-19961",[52],[112],{"url":130,"sources":131,"tags":132},"https://www.suse.com/security/cve/CVE-2018-19962",[52],[112],{"url":134,"sources":135,"tags":136},"https://www.suse.com/security/cve/CVE-2018-19965",[52],[112],{"url":138,"sources":139,"tags":140},"https://www.suse.com/security/cve/CVE-2018-19966",[52],[112],{"url":142,"sources":143,"tags":144},"https://www.suse.com/security/cve/CVE-2018-3646",[52],[112],[],[],[],[149,162],{"ecosystem":150,"name":151,"vendor":152,"product":153,"cpe_part":9,"purl_type":154,"purl_namespace":152,"purl_name":153,"source":9,"versions":155},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Module for Basesystem 15","rpm",[156],{"version":157,"is_range":158,"range_type":159,"version_start":9,"version_start_type":9,"version_end":160,"version_end_type":161,"fixed_in":9},"lt4_10_2_04_3_9_1",true,"ecosystem","4.10.2_04-3.9.1","excluding",{"ecosystem":150,"name":151,"vendor":152,"product":163,"cpe_part":9,"purl_type":154,"purl_namespace":152,"purl_name":163,"source":9,"versions":164},"xen&distro=SUSE Linux Enterprise Module for Server Applications 15",[165],{"version":157,"is_range":158,"range_type":159,"version_start":9,"version_start_type":9,"version_end":160,"version_end_type":161,"fixed_in":9}]