1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:2600-1

[SUSE-SU-2022:2600-1] Security update for xen

Severity Important
Affected Packages 5
CVEs 10
Info Packages References Vulnerabilities

Security update for xen

This update for xen fixes the following issues:

  • CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (XSA-402) (bsc#1199966).
  • CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 (XSA-404) (bsc#1200549).
  • CVE-2022-26362: Fixed a race condition in typeref acquisition (XSA-401) (bsc#1199965).
  • CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) (bsc#1201394).
  • CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulnerability, arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469).
Package Affected Version
pkg:rpm/suse/xen?arch=x86_64&distro=sles-15&sp=1 < 4.12.4_26-150100.3.75.1
pkg:rpm/suse/xen-tools?arch=x86_64&distro=sles-15&sp=1 < 4.12.4_26-150100.3.75.1
pkg:rpm/suse/xen-tools-domU?arch=x86_64&distro=sles-15&sp=1 < 4.12.4_26-150100.3.75.1
pkg:rpm/suse/xen-libs?arch=x86_64&distro=sles-15&sp=1 < 4.12.4_26-150100.3.75.1
pkg:rpm/suse/xen-devel?arch=x86_64&distro=sles-15&sp=1 < 4.12.4_26-150100.3.75.1
ID
SUSE-SU-2022:2600-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20222600-1/
Published
2022-07-29T14:13:54
(2 years ago)
Modified
2022-07-29T14:13:54
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2600-1.json
Suse URL for SUSE-SU-2022:2600-1 https://www.suse.com/support/update/announcement/2022/suse-su-20222600-1/
Suse E-Mail link for SUSE-SU-2022:2600-1 https://lists.suse.com/pipermail/sle-security-updates/2022-July/011720.html
Bugzilla SUSE Bug 1199965 https://bugzilla.suse.com/1199965
Bugzilla SUSE Bug 1199966 https://bugzilla.suse.com/1199966
Bugzilla SUSE Bug 1200549 https://bugzilla.suse.com/1200549
Bugzilla SUSE Bug 1201394 https://bugzilla.suse.com/1201394
Bugzilla SUSE Bug 1201469 https://bugzilla.suse.com/1201469
CVE SUSE CVE CVE-2022-21123 page https://www.suse.com/security/cve/CVE-2022-21123/
CVE SUSE CVE CVE-2022-21125 page https://www.suse.com/security/cve/CVE-2022-21125/
CVE SUSE CVE CVE-2022-21166 page https://www.suse.com/security/cve/CVE-2022-21166/
CVE SUSE CVE CVE-2022-23816 page https://www.suse.com/security/cve/CVE-2022-23816/
CVE SUSE CVE CVE-2022-23825 page https://www.suse.com/security/cve/CVE-2022-23825/
CVE SUSE CVE CVE-2022-26362 page https://www.suse.com/security/cve/CVE-2022-26362/
CVE SUSE CVE CVE-2022-26363 page https://www.suse.com/security/cve/CVE-2022-26363/
CVE SUSE CVE CVE-2022-26364 page https://www.suse.com/security/cve/CVE-2022-26364/
CVE SUSE CVE CVE-2022-29900 page https://www.suse.com/security/cve/CVE-2022-29900/
CVE SUSE CVE CVE-2022-33745 page https://www.suse.com/security/cve/CVE-2022-33745/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/xen?arch=x86_64&distro=sles-15&sp=1 suse xen < 4.12.4_26-150100.3.75.1 sles-15 x86_64
Affected pkg:rpm/suse/xen-tools?arch=x86_64&distro=sles-15&sp=1 suse xen-tools < 4.12.4_26-150100.3.75.1 sles-15 x86_64
Affected pkg:rpm/suse/xen-tools-domU?arch=x86_64&distro=sles-15&sp=1 suse xen-tools-domU < 4.12.4_26-150100.3.75.1 sles-15 x86_64
Affected pkg:rpm/suse/xen-libs?arch=x86_64&distro=sles-15&sp=1 suse xen-libs < 4.12.4_26-150100.3.75.1 sles-15 x86_64
Affected pkg:rpm/suse/xen-devel?arch=x86_64&distro=sles-15&sp=1 suse xen-devel < 4.12.4_26-150100.3.75.1 sles-15 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date