rpm package
suse/xen&distro=SUSE Linux Enterprise Server 15 SP1-BCL
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23825 | Med | 6.5 | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jul 14, 2022 | Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | |
| CVE-2022-29900 | Med | 6.5 | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |
| CVE-2022-33742 | Hig | 7.1 | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33741 | Hig | 7.1 | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33740 | Hig | 7.1 | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-26365 | Hig | 7.1 | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-21166 | Med | 5.5 | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-21125 | Med | 5.5 | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-21123 | Med | 5.5 | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2022-26364 | Med | 6.7 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | |
| CVE-2022-26363 | Med | 6.7 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | |
| CVE-2022-26362 | Med | 6.4 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates | |
| CVE-2022-26361 | Hig | 7.8 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | |
| CVE-2022-26360 | Hig | 7.8 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | |
| CVE-2022-26359 | Hig | 7.8 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | |
| CVE-2022-26358 | Hig | 7.8 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | |
| CVE-2022-26357 | Hig | 7.0 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea | |
| CVE-2022-26356 | Med | 5.6 | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_ | |
| CVE-2022-0002 | Med | 6.5 | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-0001 | Med | 6.5 | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. |
- affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
- affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea
- affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_
- affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
Page 2 of 4