rpm package
opensuse/xen&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.4
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23825 | — | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jul 14, 2022 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | ||
| CVE-2022-29900 | — | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | ||
| CVE-2022-21166 | — | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21125 | — | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21123 | — | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-26362 | — | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates | ||
| CVE-2022-26364 | — | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | ||
| CVE-2022-26363 | — | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch |
- CVE-2022-23825Jul 14, 2022affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
- CVE-2022-29900Jul 12, 2022affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- CVE-2022-21166Jun 15, 2022affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21125Jun 15, 2022affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21123Jun 15, 2022affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-26362Jun 9, 2022affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates
- CVE-2022-26364Jun 9, 2022affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- CVE-2022-26363Jun 9, 2022affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
Page 3 of 3