SUSE-SU-2023:0845-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20230845-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0845-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2023:0845-1
- Upstream
- Related
- Published
- 2023-03-21T12:25:46Z
- Modified
- 2025-05-08T17:30:27.269168Z
- Summary
- Security update for xen
- Details
-
This update for xen fixes the following issues:
- CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode (bsc#1209017).
- CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mis-handling (bsc#1209018).
- CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86 (bsc#1209019).
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20230845-1/
- https://bugzilla.suse.com/1209017
- https://bugzilla.suse.com/1209018
- https://bugzilla.suse.com/1209019
- https://bugzilla.suse.com/1209188
- https://www.suse.com/security/cve/CVE-2022-42331
- https://www.suse.com/security/cve/CVE-2022-42332
- https://www.suse.com/security/cve/CVE-2022-42333
- https://www.suse.com/security/cve/CVE-2022-42334
Affected packages
SUSE:Linux Enterprise Server 12 SP5
xen
Package
- Name
- xen
- Purl
- pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.12.4_34-3.88.1
SUSE:Linux Enterprise Server for SAP Applications 12 SP5
xen
Package
- Name
- xen
- Purl
- pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.12.4_34-3.88.1