Описание
Security update for xen
This update for xen fixes the following issues:
- CVE-2021-27379: Fixed an issue where entries in the IOMMU were not being updated under certain circumstances due to improper backport of XSA-321 (XSA-366, bsc#1182431)
Список пакетов
Image SLES15-EC2-CHOST-HVM-BYOS
xen-libs-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
Image SLES15-EC2-HVM-BYOS
xen-libs-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
Image SLES15-SAP-EC2-HVM
xen-libs-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
Image SLES15-SAP-EC2-HVM-BYOS
xen-libs-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
xen-4.10.4_24-3.56.1
xen-devel-4.10.4_24-3.56.1
xen-libs-4.10.4_24-3.56.1
xen-tools-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
xen-4.10.4_24-3.56.1
xen-devel-4.10.4_24-3.56.1
xen-libs-4.10.4_24-3.56.1
xen-tools-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
SUSE Linux Enterprise Server for SAP Applications 15
xen-4.10.4_24-3.56.1
xen-devel-4.10.4_24-3.56.1
xen-libs-4.10.4_24-3.56.1
xen-tools-4.10.4_24-3.56.1
xen-tools-domU-4.10.4_24-3.56.1
Ссылки
- Link for SUSE-SU-2021:1250-1
- E-Mail link for SUSE-SU-2021:1250-1
- SUSE Security Ratings
- SUSE Bug 1178591
- SUSE Bug 1182431
- SUSE CVE CVE-2021-27379 page
Описание
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.
Затронутые продукты
Image SLES15-EC2-CHOST-HVM-BYOS:xen-libs-4.10.4_24-3.56.1
Image SLES15-EC2-CHOST-HVM-BYOS:xen-tools-domU-4.10.4_24-3.56.1
Image SLES15-EC2-HVM-BYOS:xen-libs-4.10.4_24-3.56.1
Image SLES15-EC2-HVM-BYOS:xen-tools-domU-4.10.4_24-3.56.1
Ссылки
- CVE-2021-27379
- SUSE Bug 1182431