Описание
Security update for xen
This update for xen fixes the following issues:
- CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453)
- CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355).
Список пакетов
Image SLES15-SP3-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-CHOST-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-CHOST-BYOS-EC2
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-CHOST-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-HPC-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-HPC-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAP-BYOS-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAP-BYOS-GCE
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAPCAL-Azure
xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-SAPCAL-GCE
xen-libs-4.14.6_16-150300.3.75.1
SUSE Enterprise Storage 7.1
xen-4.14.6_16-150300.3.75.1
xen-devel-4.14.6_16-150300.3.75.1
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
xen-4.14.6_16-150300.3.75.1
xen-devel-4.14.6_16-150300.3.75.1
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
SUSE Linux Enterprise Micro 5.1
xen-libs-4.14.6_16-150300.3.75.1
SUSE Linux Enterprise Micro 5.2
xen-libs-4.14.6_16-150300.3.75.1
SUSE Linux Enterprise Server 15 SP3-LTSS
xen-4.14.6_16-150300.3.75.1
xen-devel-4.14.6_16-150300.3.75.1
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
xen-4.14.6_16-150300.3.75.1
xen-devel-4.14.6_16-150300.3.75.1
xen-libs-4.14.6_16-150300.3.75.1
xen-tools-4.14.6_16-150300.3.75.1
xen-tools-domU-4.14.6_16-150300.3.75.1
xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
Ссылки
- Link for SUSE-SU-2024:2533-1
- E-Mail link for SUSE-SU-2024:2533-1
- SUSE Security Ratings
- SUSE Bug 1222453
- SUSE Bug 1227355
- SUSE CVE CVE-2024-2201 page
- SUSE CVE CVE-2024-31143 page
Описание
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.
Затронутые продукты
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.6_16-150300.3.75.1
Ссылки
- CVE-2024-2201
- SUSE Bug 1212111
- SUSE Bug 1217339
Описание
An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or without a particular lock held. This error path wrongly releases the lock even when it is not currently held.
Затронутые продукты
Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.6_16-150300.3.75.1
Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.6_16-150300.3.75.1
Ссылки
- CVE-2024-31143
- SUSE Bug 1227355