SUSE-SU-2022:4051-1 -- SLES xenID: oval:org.secpod.oval:def:89047889 | Date: (C)2022-11-21 (M)2024-02-08 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing . - CVE-2022-33748: Fixed DoS due to race in locking . - CVE-2021-28689: Fixed speculative vulnerabilities with bare 32-bit PV guests . - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory - CVE-2022-42309: xen: Xenstore: Guests can crash xenstored - CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes - CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains - CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack - CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes Special Instructions and Notes: Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Server 12 SP2 |