Описание
Security update for xen
This update for xen fixes the following issues:
Update Xen to version 4.14.4 (bsc#1027519)
Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated.
Security issues fixed:
- CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: BHB speculation issues (bsc#1196915).
Non-security issues fixed:
- Fixed issue around xl and virsh operation - virsh list not giving any output (bsc#1191668).
Список пакетов
Image SLES15-SP3-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-CHOST-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-CHOST-BYOS-EC2
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-CHOST-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-EC2-ECS-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-HPC-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-HPC-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-HPC-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-BYOS-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-BYOS-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAP-GCE
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAPCAL-Azure
xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-SAPCAL-GCE
xen-libs-4.14.4_02-150300.3.21.1
SUSE Linux Enterprise Micro 5.1
xen-libs-4.14.4_02-150300.3.21.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
xen-libs-4.14.4_02-150300.3.21.1
xen-tools-domU-4.14.4_02-150300.3.21.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
xen-4.14.4_02-150300.3.21.1
xen-devel-4.14.4_02-150300.3.21.1
xen-tools-4.14.4_02-150300.3.21.1
xen-tools-xendomains-wait-disk-4.14.4_02-150300.3.21.1
Ссылки
- Link for SUSE-SU-2022:0940-1
- E-Mail link for SUSE-SU-2022:0940-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1191668
- SUSE Bug 1194267
- SUSE Bug 1196915
- SUSE CVE CVE-2021-26401 page
- SUSE CVE CVE-2022-0001 page
- SUSE CVE CVE-2022-0002 page
Описание
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
Затронутые продукты
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.4_02-150300.3.21.1
Ссылки
- CVE-2021-26401
- SUSE Bug 1191580
- SUSE Bug 1196901
- SUSE Bug 1209630
Описание
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.4_02-150300.3.21.1
Ссылки
- CVE-2022-0001
- SUSE Bug 1191580
- SUSE Bug 1196901
Описание
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.4_02-150300.3.21.1
Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.4_02-150300.3.21.1
Ссылки
- CVE-2022-0002
- SUSE Bug 1191580
- SUSE Bug 1196901