SUSE: 2021:14848-1 Moderate: Stack Overflow And Memory Issues Fix

suse
December 1, 2021
Important SUSE patch addresses a variety of vulnerabilities in xen that could impact server reliability and efficiency.
An update that fixes 17 vulnerabilities is now available

Summary

This update for xen fixes the following issues:

- CVE-2021-0089: Fixed Speculative Code Store Bypass (XSA-375) (bsc#1186433).
- CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654).
- CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 (XSA-377) (bsc#1186434).
- CVE-2021-28692: Fixed inappropriate x86 IOMMU timeout detection / handling (XSA-373) (bsc#1186429).
- CVE-2021-28697: Fixed grant table v2 status pages may remain accessible after de-allocation (XSA-379) (bsc#1189376).
- CVE-2021-28698: Fixed long running loops in grant table handling (XSA-380) (bsc#1189378).
- CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632).

References

#1182654 #1186013 #1186429 #1186433 #1186434
#1187369 #1187376 #1187378 #1189150 #1189376
#1189378 #1189632 #1192526 #1192554 #1192555
#1192559

Cross-References:

CVE-2021-0089 CVE-2021-20255 CVE-2021-28690
CVE-2021-28692 CVE-2021-28697 CVE-2021-28698
CVE-2021-28701 CVE-2021-28703 CVE-2021-28705
CVE-2021-28706 CVE-2021-28709 CVE-2021-3527
CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVE-2021-3682 CVE-2021-3930

CVSS scores:

CVE-2021-0089 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-20255 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-20255 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

CVE-2021-28697 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity
important

Announcement ID: SUSE-SU-2021:14848-1
Rating: moderate
