Fedora 34: 2021:0487-3 Critical: Kernel Memory Vulnerabilities

opensuse
September 2, 2021
This Fedora security patch tackles critical concerns within qemu, rectifying various weaknesses and offering solutions.
An update that solves 11 vulnerabilities and has 7 fixes is now available.

Description

This update for xen fixes the following issues:

Update to Xen 4.13.3 general bug fix release (bsc#1027519).

Security issues fixed:

- CVE-2021-28693: xen/arm: Boot modules are not scrubbed (bsc#1186428)
- CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429)
- CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433)
- CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434)
- CVE-2021-28694, CVE-2021-28695, CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378) (bsc#1189373)
- CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379) (bsc#1189376)
- CVE-2021-28698: long running loops in grant table handling (XSA-380) (bsc#1189378)
- CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382) (bsc#1189380)
- CVE-2021-28700: No memory limit for dom0less domUs (XSA-383) (bsc#1189381)

Patch

Patch Instructions:

To install this openSUSE Security Update, use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-2923=1

Package List

- openSUSE Leap 15.3 (aarch64 x86_64):

  xen-4.14.2_04-3.9.1
  xen-debugsource-4.14.2_04-3.9.1
  xen-devel-4.14.2_04-3.9.1
  xen-doc-html-4.14.2_04-3.9.1
  xen-libs-4.14.2_04-3.9.1
  xen-libs-debuginfo-4.14.2_04-3.9.1
  xen-tools-4.14.2_04-3.9.1
  xen-tools-debuginfo-4.14.2_04-3.9.1
  xen-tools-domU-4.14.2_04-3.9.1
  xen-tools-domU-debuginfo-4.14.2_04-3.9.1

- openSUSE Leap 15.3 (noarch):

  xen-tools-xendomains-wait-disk-4.14.2_04-3.9.1

- openSUSE Leap 15.3 (x86_64):

  xen-libs-32bit-4.14.2_04-3.9.1
  xen-libs-32bit-debuginfo-4.14.2_04-3.9.1

References

https://www.suse.com/security/cve/CVE-2021-0089.html

https://www.suse.com/security/cve/CVE-2021-28690.html

https://www.suse.com/security/cve/CVE-2021-28692.html

https://www.suse.com/security/cve/CVE-2021-28693.html

https://www.suse.com/security/cve/CVE-2021-28694.html

https://www.suse.com/security/cve/CVE-2021-28695.html

https://www.suse.com/security/cve/CVE-2021-28696.html

https://www.suse.com/security/cve/CVE-2021-28697.html

https://www.suse.com/security/cve/CVE-2021-28698.html

https://www.suse.com/security/cve/CVE-2021-28699.html

https://www.suse.com/security/cve/CVE-2021-28700.html

https://bugzilla.suse.com/1027519

https://bugzilla.suse.com/1176189

https://bugzilla.suse.com/1179246

https://bugzilla.suse.com/1183243

https://bugzilla.suse.com/1183877

https://bugzilla.suse.com/1185682

https://bugzilla.suse.com/1186428

https://bugzilla.suse.com/1186429

https://bugzilla.suse.com/1186433

https://bugzilla.suse.com/1186434

https://bugzilla.suse.com/1187406

https://bugzilla.suse.com/1188050

https://bugzilla.suse....

Severity
important

Announcement ID: openSUSE-SU-2021:2923-1
Rating: important
Affected Products: openSUSE Leap 15.3
