rpm package
suse/xen&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5
Vulnerabilities (28)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-34323 | — | < 4.17.2_06-150500.3.12.1 | 4.17.2_06-150500.3.12.1 | Jan 5, 2024 | When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto | ||
| CVE-2023-34322 | — | < 4.17.2_04-150500.3.9.1 | 4.17.2_04-150500.3.9.1 | Jan 5, 2024 | For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi | ||
| CVE-2022-40982 | — | < 4.17.2_02-150500.3.6.1 | 4.17.2_02-150500.3.6.1 | Aug 11, 2023 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2023-20588 | — | < 4.17.2_04-150500.3.9.1 | 4.17.2_04-150500.3.9.1 | Aug 8, 2023 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | ||
| CVE-2023-20569 | — | < 4.17.2_02-150500.3.6.1 | 4.17.2_02-150500.3.6.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-20593 | — | < 4.17.2_02-150500.3.6.1 | 4.17.2_02-150500.3.6.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | ||
| CVE-2022-42336 | — | < 4.17.1_04-150500.3.3.1 | 4.17.1_04-150500.3.3.1 | May 17, 2023 | Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of ho | ||
| CVE-2022-42335 | — | < 4.17.1_04-150500.3.3.1 | 4.17.1_04-150500.3.3.1 | Apr 25, 2023 | x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for |
- CVE-2023-34323Jan 5, 2024affected < 4.17.2_06-150500.3.12.1fixed 4.17.2_06-150500.3.12.1
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto
- CVE-2023-34322Jan 5, 2024affected < 4.17.2_04-150500.3.9.1fixed 4.17.2_04-150500.3.9.1
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi
- CVE-2022-40982Aug 11, 2023affected < 4.17.2_02-150500.3.6.1fixed 4.17.2_02-150500.3.6.1
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-20588Aug 8, 2023affected < 4.17.2_04-150500.3.9.1fixed 4.17.2_04-150500.3.9.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
- CVE-2023-20569Aug 8, 2023affected < 4.17.2_02-150500.3.6.1fixed 4.17.2_02-150500.3.6.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-20593Jul 24, 2023affected < 4.17.2_02-150500.3.6.1fixed 4.17.2_02-150500.3.6.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2022-42336May 17, 2023affected < 4.17.1_04-150500.3.3.1fixed 4.17.1_04-150500.3.3.1
Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of ho
- CVE-2022-42335Apr 25, 2023affected < 4.17.1_04-150500.3.3.1fixed 4.17.1_04-150500.3.3.1
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for
Page 2 of 2