Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2023-46835 CVE-2023-46836 |
CWE-ID | CWE-264 CWE-254 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
SUSE Linux Enterprise Micro Operating systems & Components / Operating system Server Applications Module Operating systems & Components / Operating system Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system xen-libs-64bit Operating systems & Components / Operating system package or component xen-libs-64bit-debuginfo Operating systems & Components / Operating system package or component xen-tools-xendomains-wait-disk Operating systems & Components / Operating system package or component xen-doc-html Operating systems & Components / Operating system package or component xen Operating systems & Components / Operating system package or component xen-tools Operating systems & Components / Operating system package or component xen-tools-debuginfo Operating systems & Components / Operating system package or component xen-libs-32bit Operating systems & Components / Operating system package or component xen-libs-32bit-debuginfo Operating systems & Components / Operating system package or component xen-tools-domU Operating systems & Components / Operating system package or component xen-devel Operating systems & Components / Operating system package or component xen-debugsource Operating systems & Components / Operating system package or component xen-tools-domU-debuginfo Operating systems & Components / Operating system package or component xen-libs Operating systems & Components / Operating system package or component xen-libs-debuginfo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU83162
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-46835
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote guest to gain access to sensitive information.
The vulnerability exists due to improperly imposed security restrictions caused by a mismatch in IOMMU quarantine page table levels. A device in quarantine mode can access data from previous quarantine page table usages, possibly leaking data used by previous domains that also had the device assigned.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
Server Applications Module: 15-SP5
Basesystem Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
SUSE Linux Enterprise Desktop 15: SP5
openSUSE Leap: 15.5
xen-libs-64bit: before 4.17.3_02-150500.3.18.1
xen-libs-64bit-debuginfo: before 4.17.3_02-150500.3.18.1
xen-tools-xendomains-wait-disk: before 4.17.3_02-150500.3.18.1
xen-doc-html: before 4.17.3_02-150500.3.18.1
xen: before 4.17.3_02-150500.3.18.1
xen-tools: before 4.17.3_02-150500.3.18.1
xen-tools-debuginfo: before 4.17.3_02-150500.3.18.1
xen-libs-32bit: before 4.17.3_02-150500.3.18.1
xen-libs-32bit-debuginfo: before 4.17.3_02-150500.3.18.1
xen-tools-domU: before 4.17.3_02-150500.3.18.1
xen-devel: before 4.17.3_02-150500.3.18.1
xen-debugsource: before 4.17.3_02-150500.3.18.1
xen-tools-domU-debuginfo: before 4.17.3_02-150500.3.18.1
xen-libs: before 4.17.3_02-150500.3.18.1
xen-libs-debuginfo: before 4.17.3_02-150500.3.18.1
CPE2.3http://www.suse.com/support/update/announcement/2023/suse-su-20234945-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83163
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-46836
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote guest to bypass implemented security restrictions.
The vulnerability exists due to improper implementation of mitigations against BTC/SRSO. A malicious guest can bypass BTC/SRSO protections and launch a BTC/SRSO attack against Xen, which can result in memory access to other guests.
Update the affected package xen to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
Server Applications Module: 15-SP5
Basesystem Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
SUSE Linux Enterprise Desktop 15: SP5
openSUSE Leap: 15.5
xen-libs-64bit: before 4.17.3_02-150500.3.18.1
xen-libs-64bit-debuginfo: before 4.17.3_02-150500.3.18.1
xen-tools-xendomains-wait-disk: before 4.17.3_02-150500.3.18.1
xen-doc-html: before 4.17.3_02-150500.3.18.1
xen: before 4.17.3_02-150500.3.18.1
xen-tools: before 4.17.3_02-150500.3.18.1
xen-tools-debuginfo: before 4.17.3_02-150500.3.18.1
xen-libs-32bit: before 4.17.3_02-150500.3.18.1
xen-libs-32bit-debuginfo: before 4.17.3_02-150500.3.18.1
xen-tools-domU: before 4.17.3_02-150500.3.18.1
xen-devel: before 4.17.3_02-150500.3.18.1
xen-debugsource: before 4.17.3_02-150500.3.18.1
xen-tools-domU-debuginfo: before 4.17.3_02-150500.3.18.1
xen-libs: before 4.17.3_02-150500.3.18.1
xen-libs-debuginfo: before 4.17.3_02-150500.3.18.1
CPE2.3http://www.suse.com/support/update/announcement/2023/suse-su-20234945-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.