[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2020:0388-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":64,"duplicates":65,"related":66,"reserved_at":9,"published_at":92,"modified_at":93,"state":9,"summary":94,"references_raw":96,"kevs":305,"epss":9,"epss_history":306,"metrics":307,"affected":308},"SUSE-SU-2020:0388-1","Security update for xen\n\nThis update for xen fixes the following issues:\n\n- CVE-2018-12207: Fixed a race condition where untrusted virtual machines could have been using the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional (bsc#1155945 XSA-304).\n- CVE-2018-19965: Fixed a DoS from attempting to use INVPCID with a non-canonical addresses (bsc#1115045 XSA-279).\n- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate side-channel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack. (bsc#1152497 XSA-305).\n- CVE-2019-12067: Fixed a null pointer dereference in QEMU AHCI (bsc#1145652).\n- CVE-2019-12068: Fixed an infinite loop while executing script (bsc#1146874).\n- CVE-2019-12155: Fixed a null pointer dereference while releasing spice resources (bsc#1135905).\n- CVE-2019-14378: Fixed a heap buffer overflow during packet reassembly in slirp networking implementation (bsc#1143797).\n- CVE-2019-15890: Fixed a use-after-free during packet reassembly (bsc#1149813).\n- CVE-2019-17340: Fixed grant table transfer issues on large hosts (XSA-284 bsc#1126140).\n- CVE-2019-17341: Fixed a race with pass-through device hotplug (XSA-285 bsc#1126141).\n- CVE-2019-17342: Fixed steal_page violating page_struct access discipline (XSA-287 bsc#1126192).\n- CVE-2019-17343: Fixed an inconsistent PV IOMMU discipline (XSA-288 bsc#1126195).\n- CVE-2019-17344: Fixed a missing preemption in x86 PV page table unvalidation (XSA-290 bsc#1126196).\n- CVE-2019-17347: Fixed a PV kernel context switch corruption (XSA-293 bsc#1126201).\n- CVE-2019-18420: Fixed a hypervisor crash that could be caused by malicious x86 PV guests, resulting in a denial of service (bsc#1154448 XSA-296).\n- CVE-2019-18421: Fixed a privilege escalation through malicious PV guest administrators (bsc#1154458 XSA-299).\n- CVE-2019-18424: Fixed a privilege escalation through DMA to physical devices by untrusted domains (bsc#1154461 XSA-302).  \n- CVE-2019-18425: Fixed a privilege escalation from 32-bit PV guest used mode (bsc#1154456 XSA-298).\n- CVE-2019-19577: Fixed an issue where a malicious guest administrator could have caused Xen to access data structures while they are being modified leading to a crash (bsc#1158007 XSA-311). \n- CVE-2019-19578: Fixed an issue where a malicious or buggy PV guest could have caused hypervisor crash resulting in denial of service affecting the entire host (bsc#1158005 XSA-309).\n- CVE-2019-19579: Fixed a privilege escalation where an untrusted domain with access to a physical device can DMA into host memory (bsc#1157888 XSA-306).\n- CVE-2019-19580: Fixed a privilege escalation where a malicious PV guest administrator could have been able to escalate their privilege to that of the host (bsc#1158006 XSA-310).\n- CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm (bsc#1158003 XSA-307).\n- CVE-2019-19583: Fixed improper checks which could have allowed HVM/PVH guest userspace code to crash the guest, leading to a guest denial of service (bsc#1158004 XSA-308).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":15},"CVE-2018-12207",{"_key":17},"CVE-2018-19965",{"_key":19},"CVE-2019-11135",{"_key":21},"CVE-2019-12067",{"_key":23},"CVE-2019-12068",{"_key":25},"CVE-2019-12155",{"_key":27},"CVE-2019-14378",{"_key":29},"CVE-2019-15890",{"_key":31},"CVE-2019-17340",{"_key":33},"CVE-2019-17341",{"_key":35},"CVE-2019-17342",{"_key":37},"CVE-2019-17343",{"_key":39},"CVE-2019-17344",{"_key":41},"CVE-2019-17347",{"_key":43},"CVE-2019-18420",{"_key":45},"CVE-2019-18421",{"_key":47},"CVE-2019-18424",{"_key":49},"CVE-2019-18425",{"_key":51},"CVE-2019-19577",{"_key":53},"CVE-2019-19578",{"_key":55},"CVE-2019-19579",{"_key":57},"CVE-2019-19580",{"_key":59},"CVE-2019-19581",{"_key":61},"CVE-2019-19583",{"_key":63},"CVE-2020-7211",[],[],[67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},"2020-02-17T14:03:16Z","2026-02-04T02:19:31.700959Z",{"cisa_kev":95,"cisa_ransomware":95,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[97,103,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,204,209,213,217,221,225,229,233,237,241,245,249,253,257,261,265,269,273,277,281,285,289,293,297,301],{"url":98,"sources":99,"tags":101},"https://www.suse.com/support/update/announcement/2020/suse-su-20200388-1/",[100],"osv_suse",[102],"Advisory",{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/1115045",[100],[107],"REPORT",{"url":109,"sources":110,"tags":111},"https://bugzilla.suse.com/1126140",[100],[107],{"url":113,"sources":114,"tags":115},"https://bugzilla.suse.com/1126141",[100],[107],{"url":117,"sources":118,"tags":119},"https://bugzilla.suse.com/1126192",[100],[107],{"url":121,"sources":122,"tags":123},"https://bugzilla.suse.com/1126195",[100],[107],{"url":125,"sources":126,"tags":127},"https://bugzilla.suse.com/1126196",[100],[107],{"url":129,"sources":130,"tags":131},"https://bugzilla.suse.com/1126201",[100],[107],{"url":133,"sources":134,"tags":135},"https://bugzilla.suse.com/1135905",[100],[107],{"url":137,"sources":138,"tags":139},"https://bugzilla.suse.com/1143797",[100],[107],{"url":141,"sources":142,"tags":143},"https://bugzilla.suse.com/1145652",[100],[107],{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/1146874",[100],[107],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1149813",[100],[107],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/1152497",[100],[107],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/1154448",[100],[107],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/1154456",[100],[107],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/1154458",[100],[107],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/1154461",[100],[107],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/1155945",[100],[107],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/1157888",[100],[107],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/1158003",[100],[107],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/1158004",[100],[107],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/1158005",[100],[107],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/1158006",[100],[107],{"url":197,"sources":198,"tags":199},"https://bugzilla.suse.com/1158007",[100],[107],{"url":201,"sources":202,"tags":203},"https://bugzilla.suse.com/1161181",[100],[107],{"url":205,"sources":206,"tags":207},"https://www.suse.com/security/cve/CVE-2018-12207",[100],[208],"WEB",{"url":210,"sources":211,"tags":212},"https://www.suse.com/security/cve/CVE-2018-19965",[100],[208],{"url":214,"sources":215,"tags":216},"https://www.suse.com/security/cve/CVE-2019-11135",[100],[208],{"url":218,"sources":219,"tags":220},"https://www.suse.com/security/cve/CVE-2019-12067",[100],[208],{"url":222,"sources":223,"tags":224},"https://www.suse.com/security/cve/CVE-2019-12068",[100],[208],{"url":226,"sources":227,"tags":228},"https://www.suse.com/security/cve/CVE-2019-12155",[100],[208],{"url":230,"sources":231,"tags":232},"https://www.suse.com/security/cve/CVE-2019-14378",[100],[208],{"url":234,"sources":235,"tags":236},"https://www.suse.com/security/cve/CVE-2019-15890",[100],[208],{"url":238,"sources":239,"tags":240},"https://www.suse.com/security/cve/CVE-2019-17340",[100],[208],{"url":242,"sources":243,"tags":244},"https://www.suse.com/security/cve/CVE-2019-17341",[100],[208],{"url":246,"sources":247,"tags":248},"https://www.suse.com/security/cve/CVE-2019-17342",[100],[208],{"url":250,"sources":251,"tags":252},"https://www.suse.com/security/cve/CVE-2019-17343",[100],[208],{"url":254,"sources":255,"tags":256},"https://www.suse.com/security/cve/CVE-2019-17344",[100],[208],{"url":258,"sources":259,"tags":260},"https://www.suse.com/security/cve/CVE-2019-17347",[100],[208],{"url":262,"sources":263,"tags":264},"https://www.suse.com/security/cve/CVE-2019-18420",[100],[208],{"url":266,"sources":267,"tags":268},"https://www.suse.com/security/cve/CVE-2019-18421",[100],[208],{"url":270,"sources":271,"tags":272},"https://www.suse.com/security/cve/CVE-2019-18424",[100],[208],{"url":274,"sources":275,"tags":276},"https://www.suse.com/security/cve/CVE-2019-18425",[100],[208],{"url":278,"sources":279,"tags":280},"https://www.suse.com/security/cve/CVE-2019-19577",[100],[208],{"url":282,"sources":283,"tags":284},"https://www.suse.com/security/cve/CVE-2019-19578",[100],[208],{"url":286,"sources":287,"tags":288},"https://www.suse.com/security/cve/CVE-2019-19579",[100],[208],{"url":290,"sources":291,"tags":292},"https://www.suse.com/security/cve/CVE-2019-19580",[100],[208],{"url":294,"sources":295,"tags":296},"https://www.suse.com/security/cve/CVE-2019-19581",[100],[208],{"url":298,"sources":299,"tags":300},"https://www.suse.com/security/cve/CVE-2019-19583",[100],[208],{"url":302,"sources":303,"tags":304},"https://www.suse.com/security/cve/CVE-2020-7211",[100],[208],[],[],[],[309,322],{"ecosystem":310,"name":311,"vendor":312,"product":313,"cpe_part":9,"purl_type":314,"purl_namespace":312,"purl_name":313,"source":9,"versions":315},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Server 12 SP1-LTSS","rpm",[316],{"version":317,"is_range":318,"range_type":319,"version_start":9,"version_start_type":9,"version_end":320,"version_end_type":321,"fixed_in":9},"lt4_5_5_28_22_64_1",true,"ecosystem","4.5.5_28-22.64.1","excluding",{"ecosystem":310,"name":311,"vendor":312,"product":323,"cpe_part":9,"purl_type":314,"purl_namespace":312,"purl_name":323,"source":9,"versions":324},"xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1",[325],{"version":317,"is_range":318,"range_type":319,"version_start":9,"version_start_type":9,"version_end":320,"version_end_type":321,"fixed_in":9}]