Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:3141-1

Опубликовано: 18 сент. 2021
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632).

  • Upstream bug fixes (bsc#1027519)

Список пакетов

Image SLES15-SP2-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-BYOS-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-BYOS-GCE
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-CHOST-BYOS-Aliyun
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-CHOST-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-CHOST-BYOS-EC2
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-CHOST-BYOS-GCE
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-HPC-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-BYOS-Azure
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-BYOS-GCE
xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-EC2-HVM
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-SAP-GCE
xen-libs-4.13.3_04-3.37.1
SUSE Linux Enterprise Micro 5.0
xen-libs-4.13.3_04-3.37.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
xen-libs-4.13.3_04-3.37.1
xen-tools-domU-4.13.3_04-3.37.1
SUSE Linux Enterprise Module for Server Applications 15 SP2
xen-4.13.3_04-3.37.1
xen-devel-4.13.3_04-3.37.1
xen-tools-4.13.3_04-3.37.1
xen-tools-xendomains-wait-disk-4.13.3_04-3.37.1

Ссылки

Описание

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.

Затронутые продукты
Image SLES15-SP2-BYOS-Azure:xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-BYOS-EC2-HVM:xen-libs-4.13.3_04-3.37.1
Image SLES15-SP2-BYOS-EC2-HVM:xen-tools-domU-4.13.3_04-3.37.1
Image SLES15-SP2-BYOS-GCE:xen-libs-4.13.3_04-3.37.1
Ссылки