Oval Definition:oval:org.opensuse.security:def:119458
Revision Date:2022-07-29Version:1
Title:Security update for xen (Important)
Description:

This update for xen fixes the following issues:

- CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (XSA-402) (bsc#1199966). - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 (XSA-404) (bsc#1200549). - CVE-2022-26362: Fixed a race condition in typeref acquisition (XSA-401) (bsc#1199965). - CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) (bsc#1201394). - CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulnerability, arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469).

Fixed several upstream bugs (bsc#1027519).
Family:unixClass:patch
Status:Reference(s):1027519
1199965
1199966
1200549
1201394
1201469
CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CVE-2022-23816
CVE-2022-23825
CVE-2022-26362
CVE-2022-26363
CVE-2022-26364
CVE-2022-29900
CVE-2022-33745
SUSE-SU-2022:2591-1
Platform(s):SUSE Linux Enterprise Server 15 SP2-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP2-LTSS is installed
  • AND Package Information
  • xen-4.13.4_12-150200.3.58.1 is installed
  • OR xen-devel-4.13.4_12-150200.3.58.1 is installed
  • OR xen-libs-4.13.4_12-150200.3.58.1 is installed
  • OR xen-tools-4.13.4_12-150200.3.58.1 is installed
  • OR xen-tools-domU-4.13.4_12-150200.3.58.1 is installed
  • OR xen-tools-xendomains-wait-disk-4.13.4_12-150200.3.58.1 is installed
    • BACK