Описание
Security update for xen
This update for xen fixes the following issues:
- CVE-2022-26362: Fixed race condition in typeref acquisition (bsc#1199965)
- CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (bsc#1199966)
Список пакетов
Image SLES15-SP2-BYOS-Azure
Image SLES15-SP2-BYOS-EC2-HVM
Image SLES15-SP2-BYOS-GCE
Image SLES15-SP2-CHOST-BYOS-Aliyun
Image SLES15-SP2-CHOST-BYOS-Azure
Image SLES15-SP2-CHOST-BYOS-EC2
Image SLES15-SP2-CHOST-BYOS-GCE
Image SLES15-SP2-HPC-BYOS-Azure
Image SLES15-SP2-HPC-BYOS-EC2-HVM
Image SLES15-SP2-SAP-Azure
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
Image SLES15-SP2-SAP-BYOS-Azure
Image SLES15-SP2-SAP-BYOS-EC2-HVM
Image SLES15-SP2-SAP-BYOS-GCE
Image SLES15-SP2-SAP-EC2-HVM
Image SLES15-SP2-SAP-GCE
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
SUSE Linux Enterprise Server 15 SP2-BCL
SUSE Linux Enterprise Server 15 SP2-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
Ссылки
- Link for SUSE-SU-2022:2164-1
- E-Mail link for SUSE-SU-2022:2164-1
- SUSE Security Ratings
- SUSE Bug 1199965
- SUSE Bug 1199966
- SUSE CVE CVE-2022-26362 page
- SUSE CVE CVE-2022-26363 page
- SUSE CVE CVE-2022-26364 page
Описание
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.
Затронутые продукты
Ссылки
- CVE-2022-26362
- SUSE Bug 1199965
Описание
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.
Затронутые продукты
Ссылки
- CVE-2022-26363
- SUSE Bug 1199966
Описание
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.
Затронутые продукты
Ссылки
- CVE-2022-26364
- SUSE Bug 1199966