SUSE-SU-2023:3395-1

Опубликовано: 23 авг. 2023

Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. (bsc#1214082, XSA-434)
CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'. (bsc#1214083, XSA-435)
CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information. (bsc#1213616, XSA-433)

Список пакетов

Image SLES15-SP4-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS-Aliyun

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-HPC-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Hardened-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Hardened-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Hardened-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Hardened-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-3-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-Micro-5-4-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-BYOS

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAP-Hardened-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAPCAL

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAPCAL-Azure

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAPCAL-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SAPCAL-GCE

xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

SUSE Linux Enterprise Micro 5.3

xen-libs-4.16.5_02-150400.4.31.1

SUSE Linux Enterprise Micro 5.4

xen-libs-4.16.5_02-150400.4.31.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

xen-libs-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

SUSE Linux Enterprise Module for Server Applications 15 SP4

xen-4.16.5_02-150400.4.31.1

xen-devel-4.16.5_02-150400.4.31.1

xen-tools-4.16.5_02-150400.4.31.1

xen-tools-xendomains-wait-disk-4.16.5_02-150400.4.31.1

openSUSE Leap 15.4

xen-4.16.5_02-150400.4.31.1

xen-devel-4.16.5_02-150400.4.31.1

xen-doc-html-4.16.5_02-150400.4.31.1

xen-libs-4.16.5_02-150400.4.31.1

xen-libs-32bit-4.16.5_02-150400.4.31.1

xen-tools-4.16.5_02-150400.4.31.1

xen-tools-domU-4.16.5_02-150400.4.31.1

xen-tools-xendomains-wait-disk-4.16.5_02-150400.4.31.1

openSUSE Leap Micro 5.3

xen-libs-4.16.5_02-150400.4.31.1

openSUSE Leap Micro 5.4

xen-libs-4.16.5_02-150400.4.31.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233395-1/
Link for SUSE-SU-2023:3395-1
https://lists.suse.com/pipermail/sle-updates/2023-August/031153.html
E-Mail link for SUSE-SU-2023:3395-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1027519
SUSE Bug 1027519
https://bugzilla.suse.com/1213616
SUSE Bug 1213616
https://bugzilla.suse.com/1214082
SUSE Bug 1214082
https://bugzilla.suse.com/1214083
SUSE Bug 1214083
https://www.suse.com/security/cve/CVE-2022-40982/
SUSE CVE CVE-2022-40982 page
https://www.suse.com/security/cve/CVE-2023-20569/
SUSE CVE CVE-2023-20569 page
https://www.suse.com/security/cve/CVE-2023-20593/
SUSE CVE CVE-2023-20593 page

Описание

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Затронутые продукты

Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.5_02-150400.4.31.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-40982.html
CVE-2022-40982
https://bugzilla.suse.com/1206418
SUSE Bug 1206418
https://bugzilla.suse.com/1215674
SUSE Bug 1215674

Описание

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

Затронутые продукты

Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.5_02-150400.4.31.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-20569.html
CVE-2023-20569
https://bugzilla.suse.com/1213287
SUSE Bug 1213287

Описание

An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Затронутые продукты

Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.5_02-150400.4.31.1

Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.5_02-150400.4.31.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-20593.html
CVE-2023-20593
https://bugzilla.suse.com/1213286
SUSE Bug 1213286
https://bugzilla.suse.com/1213616
SUSE Bug 1213616
https://bugzilla.suse.com/1215674
SUSE Bug 1215674