rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28692 | — | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 30, 2021 | inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, | ||
| CVE-2021-28690 | — | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 29, 2021 | x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s | ||
| CVE-2021-28687 | — | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Jun 11, 2021 | HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, | ||
| CVE-2021-28689 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jun 11, 2021 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov | ||
| CVE-2021-0089 | — | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 9, 2021 | Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-3308 | — | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Jan 26, 2021 | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will | ||
| CVE-2020-28368 | — | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Nov 10, 2020 | Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the |
- CVE-2021-28692Jun 30, 2021affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead,
- CVE-2021-28690Jun 29, 2021affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s
- CVE-2021-28687Jun 11, 2021affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline,
- CVE-2021-28689Jun 11, 2021affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov
- CVE-2021-0089Jun 9, 2021affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-3308Jan 26, 2021affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will
- CVE-2020-28368Nov 10, 2020affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the
Page 4 of 4