SUSE-SU-2021:2957-1 -- SLES xenID: oval:org.secpod.oval:def:89045632 | Date: (C)2021-09-20 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2021-3594: slirp: invalid pointer initialization may lead to information disclosure . - CVE-2021-3595: slirp: invalid pointer initialization may lead to information disclosure . - CVE-2021-28698: long running loops in grant table handling . - CVE-2021-28699: inadequate grant-v2 status frames array bounds check . - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 - CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling - CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 . - CVE-2021-0089: xen: Speculative Code Store Bypass - CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation . - CVE-2021-3592: slirp: invalid pointer initialization may lead to information disclosure . - Prevent superpage allocation in the LAPIC and ACPI_INFO range .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |