rpm package

suse/xen&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4

pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4

Vulnerabilities (48)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-46836		—	< 4.16.5_08-150400.4.40.1	4.16.5_08-150400.4.40.1	Jan 5, 2024	The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt
CVE-2023-46835		—	< 4.16.5_08-150400.4.40.1	4.16.5_08-150400.4.40.1	Jan 5, 2024	The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba
CVE-2023-34328		—	< 4.16.5_06-150400.4.37.1	4.16.5_06-150400.4.37.1	Jan 5, 2024	[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
CVE-2023-34327		—	< 4.16.5_06-150400.4.37.1	4.16.5_06-150400.4.37.1	Jan 5, 2024	[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
CVE-2023-34325		—	< 4.16.5_06-150400.4.37.1	4.16.5_06-150400.4.37.1	Jan 5, 2024	[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk
CVE-2023-34326		—	< 4.16.5_06-150400.4.37.1	4.16.5_06-150400.4.37.1	Jan 5, 2024	The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can
CVE-2023-34323		—	< 4.16.5_06-150400.4.37.1	4.16.5_06-150400.4.37.1	Jan 5, 2024	When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto
CVE-2023-34322		—	< 4.16.5_04-150400.4.34.1	4.16.5_04-150400.4.34.1	Jan 5, 2024	For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi
CVE-2022-40982		—	< 4.16.5_02-150400.4.31.1	4.16.5_02-150400.4.31.1	Aug 11, 2023	Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-20588		—	< 4.16.5_04-150400.4.34.1	4.16.5_04-150400.4.34.1	Aug 8, 2023	A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2023-20569		—	< 4.16.5_02-150400.4.31.1	4.16.5_02-150400.4.31.1	Aug 8, 2023	A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVE-2023-20593		—	< 4.16.5_02-150400.4.31.1	4.16.5_02-150400.4.31.1	Jul 24, 2023	An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVE-2022-42334		—	< 4.16.3_06-150400.4.25.1	4.16.3_06-150400.4.25.1	Mar 21, 2023	x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
CVE-2022-42333		—	< 4.16.3_06-150400.4.25.1	4.16.3_06-150400.4.25.1	Mar 21, 2023	x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
CVE-2022-42332		—	< 4.16.3_06-150400.4.25.1	4.16.3_06-150400.4.25.1	Mar 21, 2023	x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab
CVE-2022-42331		—	< 4.16.3_06-150400.4.25.1	4.16.3_06-150400.4.25.1	Mar 21, 2023	x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att
CVE-2022-27672	Med	4.7	< 4.16.3_04-150400.4.22.1	4.16.3_04-150400.4.22.1	Mar 1, 2023	When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
CVE-2022-23824		—	< 4.16.3_02-150400.4.19.1	4.16.3_02-150400.4.19.1	Nov 9, 2022	IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
CVE-2022-42327		—	< 4.16.2_08-150400.4.16.1	4.16.2_08-150400.4.16.1	Nov 1, 2022	x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that
CVE-2022-42326		—	< 4.16.2_08-150400.4.16.1	4.16.2_08-150400.4.16.1	Nov 1, 2022	Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the

CVE-2023-46836Jan 5, 2024
affected < 4.16.5_08-150400.4.40.1fixed 4.16.5_08-150400.4.40.1
The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt
CVE-2023-46835Jan 5, 2024
affected < 4.16.5_08-150400.4.40.1fixed 4.16.5_08-150400.4.40.1
The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba
CVE-2023-34328Jan 5, 2024
affected < 4.16.5_06-150400.4.37.1fixed 4.16.5_06-150400.4.37.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
CVE-2023-34327Jan 5, 2024
affected < 4.16.5_06-150400.4.37.1fixed 4.16.5_06-150400.4.37.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
CVE-2023-34325Jan 5, 2024
affected < 4.16.5_06-150400.4.37.1fixed 4.16.5_06-150400.4.37.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk
CVE-2023-34326Jan 5, 2024
affected < 4.16.5_06-150400.4.37.1fixed 4.16.5_06-150400.4.37.1
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can
CVE-2023-34323Jan 5, 2024
affected < 4.16.5_06-150400.4.37.1fixed 4.16.5_06-150400.4.37.1
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto
CVE-2023-34322Jan 5, 2024
affected < 4.16.5_04-150400.4.34.1fixed 4.16.5_04-150400.4.34.1
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi
CVE-2022-40982Aug 11, 2023
affected < 4.16.5_02-150400.4.31.1fixed 4.16.5_02-150400.4.31.1
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-20588Aug 8, 2023
affected < 4.16.5_04-150400.4.34.1fixed 4.16.5_04-150400.4.34.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2023-20569Aug 8, 2023
affected < 4.16.5_02-150400.4.31.1fixed 4.16.5_02-150400.4.31.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVE-2023-20593Jul 24, 2023
affected < 4.16.5_02-150400.4.31.1fixed 4.16.5_02-150400.4.31.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVE-2022-42334Mar 21, 2023
affected < 4.16.3_06-150400.4.25.1fixed 4.16.3_06-150400.4.25.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
CVE-2022-42333Mar 21, 2023
affected < 4.16.3_06-150400.4.25.1fixed 4.16.3_06-150400.4.25.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
CVE-2022-42332Mar 21, 2023
affected < 4.16.3_06-150400.4.25.1fixed 4.16.3_06-150400.4.25.1
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab
CVE-2022-42331Mar 21, 2023
affected < 4.16.3_06-150400.4.25.1fixed 4.16.3_06-150400.4.25.1
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att
CVE-2022-27672MedMar 1, 2023
affected < 4.16.3_04-150400.4.22.1fixed 4.16.3_04-150400.4.22.1
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
CVE-2022-23824Nov 9, 2022
affected < 4.16.3_02-150400.4.19.1fixed 4.16.3_02-150400.4.19.1
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
CVE-2022-42327Nov 1, 2022
affected < 4.16.2_08-150400.4.16.1fixed 4.16.2_08-150400.4.16.1
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that
CVE-2022-42326Nov 1, 2022
affected < 4.16.2_08-150400.4.16.1fixed 4.16.2_08-150400.4.16.1
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the

Page 1 of 3