rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23825 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jul 14, 2022 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | ||
| CVE-2022-29900 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | ||
| CVE-2022-33742 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-33741 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-33740 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-26365 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-21166 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21125 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21123 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-26362 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates | ||
| CVE-2022-26364 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | ||
| CVE-2022-26363 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | ||
| CVE-2022-26361 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26360 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26359 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26358 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26357 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea | ||
| CVE-2022-26356 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_ | ||
| CVE-2022-0002 | — | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-26401 | — | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. |
- CVE-2022-23825Jul 14, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
- CVE-2022-29900Jul 12, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- CVE-2022-33742Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-33741Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-33740Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-26365Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-21166Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21125Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21123Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-26362Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates
- CVE-2022-26364Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- CVE-2022-26363Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- CVE-2022-26361Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26360Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26359Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26358Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26357Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea
- CVE-2022-26356Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_
- CVE-2022-0002Mar 11, 2022affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-26401Mar 11, 2022affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
Page 2 of 4