SUSE-SU-2024:1259-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2024:1259-1

Related

Published

2024-04-12T13:03:16Z

Modified

2024-04-12T13:03:16Z

Summary

Security update for xen

Details

This update for xen fixes the following issues:

CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls (XSA-454) in xen x86 (bsc#1221984)
CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455) in xen x86 (bsc#1222302)
CVE-2024-2201: Fixed memory disclosure via Native Branch History Injection (XSA-456) in xen x86 (bsc#1222453)

Other fixes:

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.6_02-150400.4.55.1

{
    "binaries": [
        {
            "xen-libs": "4.16.6_02-150400.4.55.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.6_02-150400.4.55.1

{
    "binaries": [
        {
            "xen-libs": "4.16.6_02-150400.4.55.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.6_02-150400.4.55.1

{
    "binaries": [
        {
            "xen-libs": "4.16.6_02-150400.4.55.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.6_02-150400.4.55.1

{
    "binaries": [
        {
            "xen-libs": "4.16.6_02-150400.4.55.1"
        }
    ]
}