SUSE update for xen

Published: 2024-07-16

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2024-2201
CWE-ID	CWE-1037
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software	SUSE Linux Enterprise Software Development Kit 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 12 Operating systems & Components / Operating system xen-libs Operating systems & Components / Operating system package or component xen-libs-debuginfo Operating systems & Components / Operating system package or component xen-libs-debuginfo-32bit Operating systems & Components / Operating system package or component xen-tools-debuginfo Operating systems & Components / Operating system package or component xen-tools-domU Operating systems & Components / Operating system package or component xen-tools-domU-debuginfo Operating systems & Components / Operating system package or component xen-libs-32bit Operating systems & Components / Operating system package or component xen Operating systems & Components / Operating system package or component xen-doc-html Operating systems & Components / Operating system package or component xen-tools Operating systems & Components / Operating system package or component xen-debugsource Operating systems & Components / Operating system package or component xen-devel Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU88374

Risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-2201

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests and compromise the affected system.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

xen-libs: before 4.12.4_50-3.112.1

xen-libs-debuginfo: before 4.12.4_50-3.112.1

xen-libs-debuginfo-32bit: before 4.12.4_50-3.112.1

xen-tools-debuginfo: before 4.12.4_50-3.112.1

xen-tools-domU: before 4.12.4_50-3.112.1

xen-tools-domU-debuginfo: before 4.12.4_50-3.112.1

xen-libs-32bit: before 4.12.4_50-3.112.1

xen: before 4.12.4_50-3.112.1

xen-doc-html: before 4.12.4_50-3.112.1

xen-tools: before 4.12.4_50-3.112.1

xen-debugsource: before 4.12.4_50-3.112.1

xen-devel: before 4.12.4_50-3.112.1

CPE2.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242534-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.