Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:2597-1

Опубликовано: 29 июл. 2022
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (XSA-402) (bsc#1199966).
  • CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 (XSA-404) (bsc#1200549).
  • CVE-2022-26362: Fixed a race condition in typeref acquisition (XSA-401) (bsc#1199965).
  • CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) (bsc#1201394).
  • CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulnerability, arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469).

Fixed several upstream bugs (bsc#1027519).

Список пакетов

Image SLES15-SP4
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Basic
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS-Aliyun
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-EC2-ECS-HVM
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-HPC-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Hardened-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Hardened-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Hardened-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Hardened-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-3-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Micro-5-4-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-BYOS
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-BYOS
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAP-Hardened-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAPCAL
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAPCAL-Azure
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAPCAL-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SAPCAL-GCE
xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
xen-libs-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP4
xen-4.16.1_06-150400.4.8.1
xen-devel-4.16.1_06-150400.4.8.1
xen-tools-4.16.1_06-150400.4.8.1
xen-tools-xendomains-wait-disk-4.16.1_06-150400.4.8.1
openSUSE Leap 15.4
xen-4.16.1_06-150400.4.8.1
xen-devel-4.16.1_06-150400.4.8.1
xen-doc-html-4.16.1_06-150400.4.8.1
xen-libs-4.16.1_06-150400.4.8.1
xen-libs-32bit-4.16.1_06-150400.4.8.1
xen-tools-4.16.1_06-150400.4.8.1
xen-tools-domU-4.16.1_06-150400.4.8.1
xen-tools-xendomains-wait-disk-4.16.1_06-150400.4.8.1

Ссылки

Описание

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки

Описание

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.

Затронутые продукты
Image SLES15-SP4-Azure-Basic:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-Azure-Standard:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.1_06-150400.4.8.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.1_06-150400.4.8.1
Ссылки
Уязвимость SUSE-SU-2022:2597-1