rpm package
opensuse/xen&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.3
Vulnerabilities (65)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-33745 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jul 26, 2022 | insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable cha |
| CVE-2022-23825 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jul 14, 2022 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. |
| CVE-2022-29900 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. |
| CVE-2022-33742 | — | | | < 4.14.5_06-150300.3.35.1 | 4.14.5_06-150300.3.35.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 |
| CVE-2022-33741 | — | | | < 4.14.5_06-150300.3.35.1 | 4.14.5_06-150300.3.35.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 |
| CVE-2022-33740 | — | | | < 4.14.5_06-150300.3.35.1 | 4.14.5_06-150300.3.35.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 |
| CVE-2022-26365 | — | | | < 4.14.5_06-150300.3.35.1 | 4.14.5_06-150300.3.35.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 |
| CVE-2022-21166 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2022-21125 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2022-21123 | — | | | < 4.14.5_04-150300.3.32.1 | 4.14.5_04-150300.3.32.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2022-26362 | — | | | < 4.14.5_02-150300.3.29.1 | 4.14.5_02-150300.3.29.1 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates |
| CVE-2022-26364 | — | | | < 4.14.5_02-150300.3.29.1 | 4.14.5_02-150300.3.29.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch |
| CVE-2022-26363 | — | | | < 4.14.5_02-150300.3.29.1 | 4.14.5_02-150300.3.29.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch |
| CVE-2022-26361 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese |
| CVE-2022-26360 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese |
| CVE-2022-26359 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese |
| CVE-2022-26358 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese |
| CVE-2022-26357 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea |
| CVE-2022-26356 | — | | | < 4.14.4_04-150300.3.24.1 | 4.14.4_04-150300.3.24.1 | Apr 5, 2022 | Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_ |
| CVE-2022-0002 | — | | | < 4.14.4_02-150300.3.21.1 | 4.14.4_02-150300.3.21.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. |
Page 2 of 4