SUSE update for xen
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-23816 CVE-2022-23825 CVE-2022-26362 CVE-2022-26363 CVE-2022-26364 CVE-2022-29900 CVE-2022-33745 |
| CWE-ID | CWE-200 CWE-843 CWE-362 CWE-119 CWE-1037 CWE-400 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE OpenStack Cloud Crowbar Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Operating systems & Components / Operating system SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE OpenStack Cloud Operating systems & Components / Operating system xen-tools-domU-debuginfo Operating systems & Components / Operating system package or component xen-tools-domU Operating systems & Components / Operating system package or component xen-tools-debuginfo Operating systems & Components / Operating system package or component xen-tools Operating systems & Components / Operating system package or component xen-libs-debuginfo Operating systems & Components / Operating system package or component xen-libs-debuginfo-32bit Operating systems & Components / Operating system package or component xen-libs Operating systems & Components / Operating system package or component xen-libs-32bit Operating systems & Components / Operating system package or component xen-doc-html Operating systems & Components / Operating system package or component xen-debugsource Operating systems & Components / Operating system package or component xen Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU64364
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21123
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to potentially sensitive information.
The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU64365
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21125
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to potentially sensitive information.
The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU64366
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21166
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to potentially sensitive information.
The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Type Confusion
EUVDB-ID: #VU65219
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-23816
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Type Confusion
EUVDB-ID: #VU65204
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-23825
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Race condition
EUVDB-ID: #VU64446
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-26362
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to race condition in typeref acquisition Xen. A remote attacker can execute arbitrary code on the target system.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU64448
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-26363
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient care with non-coherent mappings. A remote attacker can pass a specially crafted data and trigger memory corruption and execute arbitrary code on the target system.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU64447
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-26364
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient care with non-coherent mappings. A remote attacker can pass a specially crafted data and trigger memory corruption and execute arbitrary code on the target system.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU65205
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-29900
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed RETbleed.
MitigationUpdate the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Resource exhaustion
EUVDB-ID: #VU65801
Risk: Medium
CVSSv4.0: 5.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Green]
CVE-ID: CVE-2022-33745
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in code responsible for migration and work around of kernels unaware of L1TF in shadow mode, related to TLB flush. A remote user with access to x86 PV guest can start the migration process to trigger the vulnerability and exhaust all available memory, resulting in a denial of service (DoS) attack.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE OpenStack Cloud Crowbar: 9
SUSE Linux Enterprise Server for SAP: 12-SP4
SUSE Linux Enterprise Server: 12-SP4-LTSS
SUSE OpenStack Cloud: 9
xen-tools-domU-debuginfo: before 4.11.4_30-2.76.1
xen-tools-domU: before 4.11.4_30-2.76.1
xen-tools-debuginfo: before 4.11.4_30-2.76.1
xen-tools: before 4.11.4_30-2.76.1
xen-libs-debuginfo: before 4.11.4_30-2.76.1
xen-libs-debuginfo-32bit: before 4.11.4_30-2.76.1
xen-libs: before 4.11.4_30-2.76.1
xen-libs-32bit: before 4.11.4_30-2.76.1
xen-doc-html: before 4.11.4_30-2.76.1
xen-debugsource: before 4.11.4_30-2.76.1
xen: before 4.11.4_30-2.76.1
CPE2.3- cpe:2.3:o:suse:suse_openstack_cloud_crowbar:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap:12-SP4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP4-LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_openstack_cloud:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:xen-tools-domu-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-domu:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-tools:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-libs-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-doc-html:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:xen:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222560-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
