rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Vulnerabilities (15)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46836 | — | < 4.14.6_08-150300.3.60.1 | 4.14.6_08-150300.3.60.1 | Jan 5, 2024 | The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt | ||
| CVE-2023-46835 | — | < 4.14.6_08-150300.3.60.1 | 4.14.6_08-150300.3.60.1 | Jan 5, 2024 | The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba | ||
| CVE-2023-34328 | — | < 4.14.6_06-150300.3.57.1 | 4.14.6_06-150300.3.57.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro | ||
| CVE-2023-34327 | — | < 4.14.6_06-150300.3.57.1 | 4.14.6_06-150300.3.57.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro | ||
| CVE-2023-34325 | — | < 4.14.6_06-150300.3.57.1 | 4.14.6_06-150300.3.57.1 | Jan 5, 2024 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk | ||
| CVE-2023-34326 | — | < 4.14.6_06-150300.3.57.1 | 4.14.6_06-150300.3.57.1 | Jan 5, 2024 | The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can | ||
| CVE-2023-34323 | — | < 4.14.6_06-150300.3.57.1 | 4.14.6_06-150300.3.57.1 | Jan 5, 2024 | When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto | ||
| CVE-2023-34322 | — | < 4.14.6_04-150300.3.54.1 | 4.14.6_04-150300.3.54.1 | Jan 5, 2024 | For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi | ||
| CVE-2023-20588 | — | < 4.14.6_04-150300.3.54.1 | 4.14.6_04-150300.3.54.1 | Aug 8, 2023 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | ||
| CVE-2023-20593 | — | < 4.14.6_04-150300.3.54.1 | 4.14.6_04-150300.3.54.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | ||
| CVE-2022-42334 | — | < 4.14.5_12-150300.3.48.1 | 4.14.5_12-150300.3.48.1 | Mar 21, 2023 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly | ||
| CVE-2022-42333 | — | < 4.14.5_12-150300.3.48.1 | 4.14.5_12-150300.3.48.1 | Mar 21, 2023 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly | ||
| CVE-2022-42332 | — | < 4.14.5_12-150300.3.48.1 | 4.14.5_12-150300.3.48.1 | Mar 21, 2023 | x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab | ||
| CVE-2022-42331 | — | < 4.14.5_12-150300.3.48.1 | 4.14.5_12-150300.3.48.1 | Mar 21, 2023 | x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att | ||
| CVE-2022-23824 | — | < 4.14.5_10-150300.3.45.1 | 4.14.5_10-150300.3.45.1 | Nov 9, 2022 | IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. |
- CVE-2023-46836Jan 5, 2024affected < 4.14.6_08-150300.3.60.1fixed 4.14.6_08-150300.3.60.1
The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupt
- CVE-2023-46835Jan 5, 2024affected < 4.14.6_08-150300.3.60.1fixed 4.14.6_08-150300.3.60.1
The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels ba
- CVE-2023-34328Jan 5, 2024affected < 4.14.6_06-150300.3.57.1fixed 4.14.6_06-150300.3.57.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
- CVE-2023-34327Jan 5, 2024affected < 4.14.6_06-150300.3.57.1fixed 4.14.6_06-150300.3.57.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are erro
- CVE-2023-34325Jan 5, 2024affected < 4.14.6_06-150300.3.57.1fixed 4.14.6_06-150300.3.57.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disk
- CVE-2023-34326Jan 5, 2024affected < 4.14.6_06-150300.3.57.1fixed 4.14.6_06-150300.3.57.1
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can
- CVE-2023-34323Jan 5, 2024affected < 4.14.6_06-150300.3.57.1fixed 4.14.6_06-150300.3.57.1
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xensto
- CVE-2023-34322Jan 5, 2024affected < 4.14.6_04-150300.3.54.1fixed 4.14.6_04-150300.3.54.1
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests thi
- CVE-2023-20588Aug 8, 2023affected < 4.14.6_04-150300.3.54.1fixed 4.14.6_04-150300.3.54.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
- CVE-2023-20593Jul 24, 2023affected < 4.14.6_04-150300.3.54.1fixed 4.14.6_04-150300.3.54.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2022-42334Mar 21, 2023affected < 4.14.5_12-150300.3.48.1fixed 4.14.5_12-150300.3.48.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
- CVE-2022-42333Mar 21, 2023affected < 4.14.5_12-150300.3.48.1fixed 4.14.5_12-150300.3.48.1
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly
- CVE-2022-42332Mar 21, 2023affected < 4.14.5_12-150300.3.48.1fixed 4.14.5_12-150300.3.48.1
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab
- CVE-2022-42331Mar 21, 2023affected < 4.14.5_12-150300.3.48.1fixed 4.14.5_12-150300.3.48.1
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att
- CVE-2022-23824Nov 9, 2022affected < 4.14.5_10-150300.3.45.1fixed 4.14.5_10-150300.3.45.1
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.