rpm package
suse/xen&distro=SUSE Linux Enterprise Module for Server Applications 15 SP4
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23825 | Med | 6.5 | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jul 14, 2022 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | |
| CVE-2022-29900 | Med | 6.5 | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |
| CVE-2022-21166 | Med | 5.5 | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-21125 | Med | 5.5 | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-21123 | Med | 5.5 | < 4.16.1_06-150400.4.8.1 | 4.16.1_06-150400.4.8.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-26364 | Med | 6.7 | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | |
| CVE-2022-26363 | Med | 6.7 | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | |
| CVE-2022-26362 | Med | 6.4 | < 4.16.1_04-150400.4.5.2 | 4.16.1_04-150400.4.5.2 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates |
- affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
- affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.16.1_06-150400.4.8.1fixed 4.16.1_06-150400.4.8.1
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- affected < 4.16.1_04-150400.4.5.2fixed 4.16.1_04-150400.4.5.2
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates
Page 3 of 3