rpm package

opensuse/xen&distro=openSUSE Leap 15.1

pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.1

Vulnerabilities (30)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-29481	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to
CVE-2020-29484	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering t
CVE-2020-29483	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from x
CVE-2020-29480	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A
CVE-2020-29571	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected agains
CVE-2020-29570	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or bugg
CVE-2020-29566	—	< 4.12.4_06-lp151.2.36.1	4.12.4_06-lp151.2.36.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled
CVE-2020-28368	—	< 4.12.4_02-lp151.2.30.1	4.12.4_02-lp151.2.30.1	Nov 10, 2020	Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the
CVE-2020-27670	—	< 4.12.3_10-lp151.2.27.1	4.12.3_10-lp151.2.27.1	Oct 22, 2020	An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
CVE-2020-27671	—	< 4.12.3_10-lp151.2.27.1	4.12.3_10-lp151.2.27.1	Oct 22, 2020	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
CVE-2020-27672	—	< 4.12.3_10-lp151.2.27.1	4.12.3_10-lp151.2.27.1	Oct 22, 2020	An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.
CVE-2020-27673	—	< 4.12.3_10-lp151.2.27.1	4.12.3_10-lp151.2.27.1	Oct 22, 2020	An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVE-2020-27674	—	< 4.12.4_04-lp151.2.33.1	4.12.4_04-lp151.2.33.1	Oct 22, 2020	An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
CVE-2020-15567	—	< 4.12.3_04-lp151.2.21.1	4.12.3_04-lp151.2.21.1	Jul 7, 2020	An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-at
CVE-2020-15565	—	< 4.12.3_04-lp151.2.21.1	4.12.3_04-lp151.2.21.1	Jul 7, 2020	An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require fl
CVE-2020-15563	—	< 4.12.3_04-lp151.2.21.1	4.12.3_04-lp151.2.21.1	Jul 7, 2020	An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali
CVE-2020-15566	—	< 4.12.3_04-lp151.2.21.1	4.12.3_04-lp151.2.21.1	Jul 7, 2020	An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory
CVE-2020-0543	—	< 4.12.3_02-lp151.2.18.2	4.12.3_02-lp151.2.18.2	Jun 15, 2020	Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-11743	—	< 4.12.2_04-lp151.2.15.1	4.12.2_04-lp151.2.15.1	Apr 14, 2020	An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one
CVE-2020-11742	—	< 4.12.2_04-lp151.2.15.1	4.12.2_04-lp151.2.15.1	Apr 14, 2020	An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int

CVE-2020-29481Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to
CVE-2020-29484Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering t
CVE-2020-29483Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from x
CVE-2020-29480Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A
CVE-2020-29571Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected agains
CVE-2020-29570Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or bugg
CVE-2020-29566Dec 15, 2020
affected < 4.12.4_06-lp151.2.36.1fixed 4.12.4_06-lp151.2.36.1
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled
CVE-2020-28368Nov 10, 2020
affected < 4.12.4_02-lp151.2.30.1fixed 4.12.4_02-lp151.2.30.1
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the
CVE-2020-27670Oct 22, 2020
affected < 4.12.3_10-lp151.2.27.1fixed 4.12.3_10-lp151.2.27.1
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
CVE-2020-27671Oct 22, 2020
affected < 4.12.3_10-lp151.2.27.1fixed 4.12.3_10-lp151.2.27.1
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
CVE-2020-27672Oct 22, 2020
affected < 4.12.3_10-lp151.2.27.1fixed 4.12.3_10-lp151.2.27.1
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.
CVE-2020-27673Oct 22, 2020
affected < 4.12.3_10-lp151.2.27.1fixed 4.12.3_10-lp151.2.27.1
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVE-2020-27674Oct 22, 2020
affected < 4.12.4_04-lp151.2.33.1fixed 4.12.4_04-lp151.2.33.1
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
CVE-2020-15567Jul 7, 2020
affected < 4.12.3_04-lp151.2.21.1fixed 4.12.3_04-lp151.2.21.1
An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-at
CVE-2020-15565Jul 7, 2020
affected < 4.12.3_04-lp151.2.21.1fixed 4.12.3_04-lp151.2.21.1
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require fl
CVE-2020-15563Jul 7, 2020
affected < 4.12.3_04-lp151.2.21.1fixed 4.12.3_04-lp151.2.21.1
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali
CVE-2020-15566Jul 7, 2020
affected < 4.12.3_04-lp151.2.21.1fixed 4.12.3_04-lp151.2.21.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory
CVE-2020-0543Jun 15, 2020
affected < 4.12.3_02-lp151.2.18.2fixed 4.12.3_02-lp151.2.18.2
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-11743Apr 14, 2020
affected < 4.12.2_04-lp151.2.15.1fixed 4.12.2_04-lp151.2.15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one
CVE-2020-11742Apr 14, 2020
affected < 4.12.2_04-lp151.2.15.1fixed 4.12.2_04-lp151.2.15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int

Page 1 of 2