rpm package
suse/xen&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (85)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-33742 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-33741 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-33740 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-26365 | — | < 4.12.4_30-150100.3.80.1 | 4.12.4_30-150100.3.80.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | ||
| CVE-2022-21166 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21125 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-21123 | — | < 4.12.4_26-150100.3.75.1 | 4.12.4_26-150100.3.75.1 | Jun 15, 2022 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-26362 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates | ||
| CVE-2022-26364 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | ||
| CVE-2022-26363 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Jun 9, 2022 | x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch | ||
| CVE-2022-26361 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26360 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26359 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26358 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese | ||
| CVE-2022-26357 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea | ||
| CVE-2022-26356 | — | < 4.12.4_24-150100.3.72.1 | 4.12.4_24-150100.3.72.1 | Apr 5, 2022 | Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_ | ||
| CVE-2022-0002 | — | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-26401 | — | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||
| CVE-2022-0001 | — | < 4.12.4_20-3.63.1 | 4.12.4_20-3.63.1 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2022-23035 | — | < 4.12.4_18-3.60.2 | 4.12.4_18-3.60.2 | Jan 25, 2022 | Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent |
- CVE-2022-33742Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-33741Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-33740Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-26365Jul 5, 2022affected < 4.12.4_30-150100.3.80.1fixed 4.12.4_30-150100.3.80.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- CVE-2022-21166Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21125Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21123Jun 15, 2022affected < 4.12.4_26-150100.3.75.1fixed 4.12.4_26-150100.3.75.1
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-26362Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates
- CVE-2022-26364Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- CVE-2022-26363Jun 9, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This sch
- CVE-2022-26361Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26360Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26359Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26358Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Rese
- CVE-2022-26357Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The clea
- CVE-2022-26356Apr 5, 2022affected < 4.12.4_24-150100.3.72.1fixed 4.12.4_24-150100.3.72.1
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_
- CVE-2022-0002Mar 11, 2022affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-26401Mar 11, 2022affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
- CVE-2022-0001Mar 11, 2022affected < 4.12.4_20-3.63.1fixed 4.12.4_20-3.63.1
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2022-23035Jan 25, 2022affected < 4.12.4_18-3.60.2fixed 4.12.4_18-3.60.2
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent
Page 3 of 5