rpm package
suse/xen&distro=SUSE Linux Enterprise Module for Basesystem 15 SP2
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
Vulnerabilities (49)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25598 | Med | 5.5 | < 4.13.1_08-3.10.1 | 4.13.1_08-3.10.1 | Sep 23, 2020 | An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasing an RCU reference, which is | |
| CVE-2020-25597 | Med | 6.5 | < 4.13.1_08-3.10.1 | 4.13.1_08-3.10.1 | Sep 23, 2020 | An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life tim | |
| CVE-2020-25596 | Med | 5.5 | < 4.13.1_08-3.10.1 | 4.13.1_08-3.10.1 | Sep 23, 2020 | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it t | |
| CVE-2020-25595 | Hig | 7.8 | < 4.13.1_08-3.10.1 | 4.13.1_08-3.10.1 | Sep 23, 2020 | An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specific | |
| CVE-2020-15567 | Hig | 7.8 | < 4.13.1_04-3.4.1 | 4.13.1_04-3.4.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-at | |
| CVE-2020-15566 | Med | 6.5 | < 4.13.1_04-3.4.1 | 4.13.1_04-3.4.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory | |
| CVE-2020-15565 | Hig | 8.8 | < 4.13.1_04-3.4.1 | 4.13.1_04-3.4.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require fl | |
| CVE-2020-15563 | Med | 6.5 | < 4.13.1_04-3.4.1 | 4.13.1_04-3.4.1 | Jul 7, 2020 | An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali | |
| CVE-2020-0543 | Med | 5.5 | < 4.13.1_04-3.4.1 | 4.13.1_04-3.4.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
- affected < 4.13.1_08-3.10.1fixed 4.13.1_08-3.10.1
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasing an RCU reference, which is
- affected < 4.13.1_08-3.10.1fixed 4.13.1_08-3.10.1
An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life tim
- affected < 4.13.1_08-3.10.1fixed 4.13.1_08-3.10.1
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it t
- affected < 4.13.1_08-3.10.1fixed 4.13.1_08-3.10.1
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specific
- affected < 4.13.1_04-3.4.1fixed 4.13.1_04-3.4.1
An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-at
- affected < 4.13.1_04-3.4.1fixed 4.13.1_04-3.4.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory
- affected < 4.13.1_04-3.4.1fixed 4.13.1_04-3.4.1
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require fl
- affected < 4.13.1_04-3.4.1fixed 4.13.1_04-3.4.1
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A mali
- affected < 4.13.1_04-3.4.1fixed 4.13.1_04-3.4.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Page 3 of 3