rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS
Vulnerabilities (85)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46839 | — | < 4.12.4_44-150100.3.101.1 | 4.12.4_44-150100.3.101.1 | Mar 20, 2024 | PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions ne | ||
| CVE-2023-46836 | — | < 4.12.4_42-150100.3.98.1 | 4.12.4_42-150100.3.98.1 | Jan 5, 2024 | The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt | ||
| CVE-2023-46835 | — | < 4.12.4_42-150100.3.98.1 | 4.12.4_42-150100.3.98.1 | Jan 5, 2024 | The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba | ||
| CVE-2023-34328 | — | < 4.12.4_40-150100.3.95.1 | 4.12.4_40-150100.3.95.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro | ||
| CVE-2023-34327 | — | < 4.12.4_40-150100.3.95.1 | 4.12.4_40-150100.3.95.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro | ||
| CVE-2023-34325 | — | < 4.12.4_40-150100.3.95.1 | 4.12.4_40-150100.3.95.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk | ||
| CVE-2023-34326 | — | < 4.12.4_40-150100.3.95.1 | 4.12.4_40-150100.3.95.1 | Jan 5, 2024 | The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can | ||
| CVE-2023-34323 | — | < 4.12.4_40-150100.3.95.1 | 4.12.4_40-150100.3.95.1 | Jan 5, 2024 | When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto | ||
| CVE-2023-34322 | — | < 4.12.4_38-150100.3.92.1 | 4.12.4_38-150100.3.92.1 | Jan 5, 2024 | For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi | ||
| CVE-2022-40982 | — | < 4.12.4_36-150100.3.89.1 | 4.12.4_36-150100.3.89.1 | Aug 11, 2023 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2023-20588 | — | < 4.12.4_38-150100.3.92.1 | 4.12.4_38-150100.3.92.1 | Aug 8, 2023 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | ||
| CVE-2023-20569 | — | < 4.12.4_36-150100.3.89.1 | 4.12.4_36-150100.3.89.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-20593 | — | < 4.12.4_36-150100.3.89.1 | 4.12.4_36-150100.3.89.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | ||
| CVE-2022-42334 | — | < 4.12.4_34-150100.3.86.1 | 4.12.4_34-150100.3.86.1 | Mar 21, 2023 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly | ||
| CVE-2022-42333 | — | < 4.12.4_34-150100.3.86.1 | 4.12.4_34-150100.3.86.1 | Mar 21, 2023 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly | ||
| CVE-2022-42332 | — | < 4.12.4_34-150100.3.86.1 | 4.12.4_34-150100.3.86.1 | Mar 21, 2023 | x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab | ||
| CVE-2022-42331 | — | < 4.12.4_34-150100.3.86.1 | 4.12.4_34-150100.3.86.1 | Mar 21, 2023 | x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att | ||
| CVE-2022-23824 | — | < 4.12.4_32-150100.3.83.1 | 4.12.4_32-150100.3.83.1 | Nov 9, 2022 | IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | ||
| CVE-2022-42326 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Nov 1, 2022 | Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the | ||
| CVE-2022-42325 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Nov 1, 2022 | Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the |
- CVE-2023-46839Mar 20, 2024affected < 4.12.4_44-150100.3.101.1fixed 4.12.4_44-150100.3.101.1
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions ne
- CVE-2023-46836Jan 5, 2024affected < 4.12.4_42-150100.3.98.1fixed 4.12.4_42-150100.3.98.1
The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt
- CVE-2023-46835Jan 5, 2024affected < 4.12.4_42-150100.3.98.1fixed 4.12.4_42-150100.3.98.1
The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba
- CVE-2023-34328Jan 5, 2024affected < 4.12.4_40-150100.3.95.1fixed 4.12.4_40-150100.3.95.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
- CVE-2023-34327Jan 5, 2024affected < 4.12.4_40-150100.3.95.1fixed 4.12.4_40-150100.3.95.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
- CVE-2023-34325Jan 5, 2024affected < 4.12.4_40-150100.3.95.1fixed 4.12.4_40-150100.3.95.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk
- CVE-2023-34326Jan 5, 2024affected < 4.12.4_40-150100.3.95.1fixed 4.12.4_40-150100.3.95.1
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can
- CVE-2023-34323Jan 5, 2024affected < 4.12.4_40-150100.3.95.1fixed 4.12.4_40-150100.3.95.1
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto
- CVE-2023-34322Jan 5, 2024affected < 4.12.4_38-150100.3.92.1fixed 4.12.4_38-150100.3.92.1
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi
- CVE-2022-40982Aug 11, 2023affected < 4.12.4_36-150100.3.89.1fixed 4.12.4_36-150100.3.89.1
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-20588Aug 8, 2023affected < 4.12.4_38-150100.3.92.1fixed 4.12.4_38-150100.3.92.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
- CVE-2023-20569Aug 8, 2023affected < 4.12.4_36-150100.3.89.1fixed 4.12.4_36-150100.3.89.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-20593Jul 24, 2023affected < 4.12.4_36-150100.3.89.1fixed 4.12.4_36-150100.3.89.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2022-42334Mar 21, 2023affected < 4.12.4_34-150100.3.86.1fixed 4.12.4_34-150100.3.86.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
- CVE-2022-42333Mar 21, 2023affected < 4.12.4_34-150100.3.86.1fixed 4.12.4_34-150100.3.86.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
- CVE-2022-42332Mar 21, 2023affected < 4.12.4_34-150100.3.86.1fixed 4.12.4_34-150100.3.86.1
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab
- CVE-2022-42331Mar 21, 2023affected < 4.12.4_34-150100.3.86.1fixed 4.12.4_34-150100.3.86.1
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att
- CVE-2022-23824Nov 9, 2022affected < 4.12.4_32-150100.3.83.1fixed 4.12.4_32-150100.3.83.1
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
- CVE-2022-42326Nov 1, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the
- CVE-2022-42325Nov 1, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the
Page 1 of 5