Описание
Security update for xen
This update for xen fixes the following issues:
Update to Xen 4.18.5:
Security fixes:
- CVE-2024-28956: Fixed Intel CPU Indirect Target Selection (ITS) (bsc#1243117)
Other fixes:
- Fixed boot failing with XEN kernel on DL580 Gen12 (bsc#1242490)
- Added missing upstream bug fixes (bsc#1027519)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
xen-libs-4.18.5_02-150600.3.23.1
xen-tools-domU-4.18.5_02-150600.3.23.1
SUSE Linux Enterprise Module for Server Applications 15 SP6
xen-4.18.5_02-150600.3.23.1
xen-devel-4.18.5_02-150600.3.23.1
xen-tools-4.18.5_02-150600.3.23.1
xen-tools-xendomains-wait-disk-4.18.5_02-150600.3.23.1
openSUSE Leap 15.6
xen-4.18.5_02-150600.3.23.1
xen-devel-4.18.5_02-150600.3.23.1
xen-doc-html-4.18.5_02-150600.3.23.1
xen-libs-4.18.5_02-150600.3.23.1
xen-libs-32bit-4.18.5_02-150600.3.23.1
xen-tools-4.18.5_02-150600.3.23.1
xen-tools-domU-4.18.5_02-150600.3.23.1
xen-tools-xendomains-wait-disk-4.18.5_02-150600.3.23.1
Ссылки
- Link for SUSE-SU-2025:01703-1
- E-Mail link for SUSE-SU-2025:01703-1
- SUSE Security Ratings
- SUSE Bug 1027519
- SUSE Bug 1242490
- SUSE Bug 1243117
- SUSE CVE CVE-2024-28956 page
Описание
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:xen-libs-4.18.5_02-150600.3.23.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:xen-tools-domU-4.18.5_02-150600.3.23.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:xen-4.18.5_02-150600.3.23.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:xen-devel-4.18.5_02-150600.3.23.1
Ссылки
- CVE-2024-28956
- SUSE Bug 1242006