rpm package
suse/xen&distro=SUSE Linux Enterprise Server for SAP Applications 15
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
Vulnerabilities (88)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28708 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Nov 24, 2021 | PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav | ||
| CVE-2021-28707 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Nov 24, 2021 | PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav | ||
| CVE-2021-28706 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Nov 24, 2021 | guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precisio | ||
| CVE-2021-28705 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Nov 24, 2021 | issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them t | ||
| CVE-2021-28704 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Nov 24, 2021 | PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav | ||
| CVE-2021-28701 | — | < 4.10.4_30-3.68.1 | 4.10.4_30-3.68.1 | Sep 8, 2021 | Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest sw | ||
| CVE-2021-28696 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m | ||
| CVE-2021-28695 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m | ||
| CVE-2021-28694 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m | ||
| CVE-2021-28697 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-alloc | ||
| CVE-2021-28698 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entrie | ||
| CVE-2021-28699 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Aug 27, 2021 | inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tra | ||
| CVE-2021-28692 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Jun 30, 2021 | inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, | ||
| CVE-2021-28690 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Jun 29, 2021 | x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s | ||
| CVE-2021-28689 | — | < 4.10.4_40-150000.3.84.1 | 4.10.4_40-150000.3.84.1 | Jun 11, 2021 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov | ||
| CVE-2021-0089 | — | < 4.10.4_26-3.61.1 | 4.10.4_26-3.61.1 | Jun 9, 2021 | Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-27379 | — | < 4.10.4_24-3.56.1 | 4.10.4_24-3.56.1 | Feb 18, 2021 | An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were | ||
| CVE-2020-29481 | — | < 4.10.4_24-3.53.1 | 4.10.4_24-3.53.1 | Dec 15, 2020 | An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to | ||
| CVE-2020-29484 | — | < 4.10.4_24-3.53.1 | 4.10.4_24-3.53.1 | Dec 15, 2020 | An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering t | ||
| CVE-2020-29483 | — | < 4.10.4_24-3.53.1 | 4.10.4_24-3.53.1 | Dec 15, 2020 | An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from x |
- CVE-2021-28708Nov 24, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav
- CVE-2021-28707Nov 24, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav
- CVE-2021-28706Nov 24, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precisio
- CVE-2021-28705Nov 24, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them t
- CVE-2021-28704Nov 24, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily hav
- CVE-2021-28701Sep 8, 2021affected < 4.10.4_30-3.68.1fixed 4.10.4_30-3.68.1
Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest sw
- CVE-2021-28696Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m
- CVE-2021-28695Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m
- CVE-2021-28694Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically m
- CVE-2021-28697Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-alloc
- CVE-2021-28698Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entrie
- CVE-2021-28699Aug 27, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tra
- CVE-2021-28692Jun 30, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead,
- CVE-2021-28690Jun 29, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires s
- CVE-2021-28689Jun 11, 2021affected < 4.10.4_40-150000.3.84.1fixed 4.10.4_40-150000.3.84.1
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's nov
- CVE-2021-0089Jun 9, 2021affected < 4.10.4_26-3.61.1fixed 4.10.4_26-3.61.1
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-27379Feb 18, 2021affected < 4.10.4_24-3.56.1fixed 4.10.4_24-3.56.1
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were
- CVE-2020-29481Dec 15, 2020affected < 4.10.4_24-3.53.1fixed 4.10.4_24-3.53.1
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to
- CVE-2020-29484Dec 15, 2020affected < 4.10.4_24-3.53.1fixed 4.10.4_24-3.53.1
An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering t
- CVE-2020-29483Dec 15, 2020affected < 4.10.4_24-3.53.1fixed 4.10.4_24-3.53.1
An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from x
Page 3 of 5