rpm package
suse/xen&distro=SUSE Linux Enterprise Server 15 SP1-BCL
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28692 | Hig | 7.1 | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 30, 2021 | inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, | |
| CVE-2021-28690 | Med | 6.5 | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 29, 2021 | x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s | |
| CVE-2021-28689 | Med | 5.5 | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jun 11, 2021 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov | |
| CVE-2021-28687 | Med | 5.5 | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Jun 11, 2021 | HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, | |
| CVE-2021-0089 | Med | 6.5 | < 4.12.4_12-3.52.1 | 4.12.4_12-3.52.1 | Jun 9, 2021 | Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2021-3308 | Med | 5.5 | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Jan 26, 2021 | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will | |
| CVE-2020-28368 | Med | 4.4 | < 4.12.4_08-3.43.3 | 4.12.4_08-3.43.3 | Nov 10, 2020 | Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the |
- affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead,
- affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s
- affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov
- affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline,
- affected < 4.12.4_12-3.52.1fixed 4.12.4_12-3.52.1
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will
- affected < 4.12.4_08-3.43.3fixed 4.12.4_08-3.43.3
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the
Page 4 of 4