Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:3140-1

Опубликовано: 18 сент. 2021
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632).

  • Upstream bug fixes (bsc#1027519)

Список пакетов

Container suse/sles/15.3/libguestfs-tools:0.45.0
xen-libs-4.14.2_06-3.12.1
Container suse/sles/15.3/virt-launcher:0.45.0
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-CHOST-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-CHOST-BYOS-EC2
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-CHOST-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-EC2-ECS-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-HPC-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-HPC-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-HPC-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-Micro-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-BYOS-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-BYOS-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-SAP-GCE
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAPCAL-Azure
xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
Image SLES15-SP3-SAPCAL-GCE
xen-libs-4.14.2_06-3.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
xen-libs-4.14.2_06-3.12.1
xen-tools-domU-4.14.2_06-3.12.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
xen-4.14.2_06-3.12.1
xen-devel-4.14.2_06-3.12.1
xen-tools-4.14.2_06-3.12.1
xen-tools-xendomains-wait-disk-4.14.2_06-3.12.1

Ссылки

Описание

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.

Затронутые продукты
Container suse/sles/15.3/libguestfs-tools:0.45.0:xen-libs-4.14.2_06-3.12.1
Container suse/sles/15.3/virt-launcher:0.45.0:xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.2_06-3.12.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.2_06-3.12.1
Ссылки