SUSE-SU-2022:4007-1 -- SLES xenID: oval:org.secpod.oval:def:89047895 | Date: (C)2022-11-21 (M)2024-02-08 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing . - CVE-2022-33748: Fixed DoS due to race in locking . - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory - CVE-2022-42309: xen: Xenstore: Guests can crash xenstored - CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes - CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory - CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains - CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack - CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes - CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions - xen: Frontends vulnerable to backends . Special Instructions and Notes: Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |