rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15-LTSS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS
Vulnerabilities (88)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15563 | — | < 4.10.4_12-3.35.1 | 4.10.4_12-3.35.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali | ||
| CVE-2020-15566 | — | < 4.10.4_12-3.35.1 | 4.10.4_12-3.35.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory | ||
| CVE-2020-0543 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-11743 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Apr 14, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one | ||
| CVE-2020-11742 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Apr 14, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int | ||
| CVE-2020-11741 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Apr 14, 2020 | An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the admini | ||
| CVE-2020-11740 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Apr 14, 2020 | An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. Thes | ||
| CVE-2020-11739 | — | < 4.10.4_10-3.31.1 | 4.10.4_10-3.31.1 | Apr 14, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processo |
- CVE-2020-15563Jul 7, 2020affected < 4.10.4_12-3.35.1fixed 4.10.4_12-3.35.1
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali
- CVE-2020-15566Jul 7, 2020affected < 4.10.4_12-3.35.1fixed 4.10.4_12-3.35.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory
- CVE-2020-0543Jun 15, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-11743Apr 14, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one
- CVE-2020-11742Apr 14, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 int
- CVE-2020-11741Apr 14, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the admini
- CVE-2020-11740Apr 14, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. Thes
- CVE-2020-11739Apr 14, 2020affected < 4.10.4_10-3.31.1fixed 4.10.4_10-3.31.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processo
Page 5 of 5