rpm package
suse/xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (19)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58148 | — | < 4.16.7_04-150400.4.75.1 | 4.16.7_04-150400.4.75.1 | Oct 31, 2025 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, | ||
| CVE-2025-58147 | — | < 4.16.7_04-150400.4.75.1 | 4.16.7_04-150400.4.75.1 | Oct 31, 2025 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, | ||
| CVE-2025-58143 | — | < 4.16.7_04-150400.4.75.1 | 4.16.7_04-150400.4.75.1 | Sep 11, 2025 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd | ||
| CVE-2025-58142 | — | < 4.16.7_04-150400.4.75.1 | 4.16.7_04-150400.4.75.1 | Sep 11, 2025 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd | ||
| CVE-2025-27466 | — | < 4.16.7_04-150400.4.75.1 | 4.16.7_04-150400.4.75.1 | Sep 11, 2025 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd | ||
| CVE-2025-1713 | — | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | Jul 17, 2025 | When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock. | ||
| CVE-2025-27465 | — | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | Jul 16, 2025 | Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additiona | ||
| CVE-2024-36357 | Med | 5.6 | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries. | |
| CVE-2024-36350 | Med | 5.6 | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. | |
| CVE-2024-28956 | Med | 5.6 | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | May 13, 2025 | Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2024-53241 | — | < 4.16.7_02-150400.4.72.1 | 4.16.7_02-150400.4.72.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati | ||
| CVE-2024-2201 | Med | 4.7 | < 4.16.6_04-150400.4.62.1 | 4.16.6_04-150400.4.62.1 | Dec 19, 2024 | A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. | |
| CVE-2024-45819 | — | < 4.16.6_06-150400.4.65.1 | 4.16.6_06-150400.4.65.1 | Dec 19, 2024 | PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is | ||
| CVE-2024-45818 | — | < 4.16.6_06-150400.4.65.1 | 4.16.6_06-150400.4.65.1 | Dec 19, 2024 | The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a | ||
| CVE-2024-45817 | — | < 4.16.6_04-150400.4.62.1 | 4.16.6_04-150400.4.62.1 | Sep 25, 2024 | In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, whic | ||
| CVE-2024-31146 | — | < 4.16.6_04-150400.4.62.1 | 4.16.6_04-150400.4.62.1 | Sep 25, 2024 | When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration canno | ||
| CVE-2024-31145 | — | < 4.16.6_04-150400.4.62.1 | 4.16.6_04-150400.4.62.1 | Sep 25, 2024 | Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purp | ||
| CVE-2024-31143 | — | < 4.16.6_04-150400.4.62.1 | 4.16.6_04-150400.4.62.1 | Jul 18, 2024 | An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situat | ||
| CVE-2023-46839 | — | < 4.16.5_12-150400.4.46.1 | 4.16.5_12-150400.4.46.1 | Mar 20, 2024 | PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions ne |
- CVE-2025-58148Oct 31, 2025affected < 4.16.7_04-150400.4.75.1fixed 4.16.7_04-150400.4.75.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats,
- CVE-2025-58147Oct 31, 2025affected < 4.16.7_04-150400.4.75.1fixed 4.16.7_04-150400.4.75.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats,
- CVE-2025-58143Sep 11, 2025affected < 4.16.7_04-150400.4.75.1fixed 4.16.7_04-150400.4.75.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd
- CVE-2025-58142Sep 11, 2025affected < 4.16.7_04-150400.4.75.1fixed 4.16.7_04-150400.4.75.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd
- CVE-2025-27466Sep 11, 2025affected < 4.16.7_04-150400.4.75.1fixed 4.16.7_04-150400.4.75.1
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the upd
- CVE-2025-1713Jul 17, 2025affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock.
- CVE-2025-27465Jul 16, 2025affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additiona
- affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
- affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
- affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2024-53241Dec 24, 2024affected < 4.16.7_02-150400.4.72.1fixed 4.16.7_02-150400.4.72.1
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati
- affected < 4.16.6_04-150400.4.62.1fixed 4.16.6_04-150400.4.62.1
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.
- CVE-2024-45819Dec 19, 2024affected < 4.16.6_06-150400.4.65.1fixed 4.16.6_06-150400.4.65.1
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is
- CVE-2024-45818Dec 19, 2024affected < 4.16.6_06-150400.4.65.1fixed 4.16.6_06-150400.4.65.1
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a
- CVE-2024-45817Sep 25, 2024affected < 4.16.6_04-150400.4.62.1fixed 4.16.6_04-150400.4.62.1
In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, whic
- CVE-2024-31146Sep 25, 2024affected < 4.16.6_04-150400.4.62.1fixed 4.16.6_04-150400.4.62.1
When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration canno
- CVE-2024-31145Sep 25, 2024affected < 4.16.6_04-150400.4.62.1fixed 4.16.6_04-150400.4.62.1
Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purp
- CVE-2024-31143Jul 18, 2024affected < 4.16.6_04-150400.4.62.1fixed 4.16.6_04-150400.4.62.1
An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situat
- CVE-2023-46839Mar 20, 2024affected < 4.16.5_12-150400.4.46.1fixed 4.16.5_12-150400.4.46.1
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions ne