Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:3213-1

Опубликовано: 23 сент. 2021
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632).

  • Integrate bugfixes (bsc#1189373, bsc#1189378).

Список пакетов

HPE Helion OpenStack 8
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2
SUSE Linux Enterprise Server 12 SP3-BCL
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2
SUSE Linux Enterprise Server 12 SP3-LTSS
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2
SUSE OpenStack Cloud 8
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2
SUSE OpenStack Cloud Crowbar 8
xen-4.9.4_22-3.94.2
xen-doc-html-4.9.4_22-3.94.2
xen-libs-4.9.4_22-3.94.2
xen-libs-32bit-4.9.4_22-3.94.2
xen-tools-4.9.4_22-3.94.2
xen-tools-domU-4.9.4_22-3.94.2

Ссылки

Описание

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.

Затронутые продукты
HPE Helion OpenStack 8:xen-4.9.4_22-3.94.2
HPE Helion OpenStack 8:xen-doc-html-4.9.4_22-3.94.2
HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_22-3.94.2
HPE Helion OpenStack 8:xen-libs-4.9.4_22-3.94.2
Ссылки