SUSE 12-SP2-BCL: 2022:1375-1 Important: Denial Of Service Issues

April 25, 2022
This SUSE Security Update addresses critical fixes in xen, enhancing system stability and security. Stay protected!
An update that fixes 10 vulnerabilities is now available

Summary

This update for xen fixes the following issues:

- CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host (bsc#1197423).
- CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts using VT-d IOMMU hardware, which could lead to a denial of service in the host (bsc#1197425).
- CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361: Fixed various memory corruption issues for hosts using VT-d or AMD-Vi IOMMU hardware. These could be leveraged by an attacker to cause a denial of service in the host (bsc#1197426).
- CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: Added BHB speculation issue mitigations (bsc#1196915).
- CVE-2021-20257: Fixed an infinite loop in the e1000 emulated device,

References

#1182846 #1196915 #1197423 #1197425 #1197426

Cross-References: CVE-2021-20257 CVE-2021-26401 CVE-2022-0001 CVE-2022-0002 CVE-2022-26356 CVE-2022-26357 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361

CVSS scores:

CVE-2021-20257 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVE-2021-20257 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

CVE-2021-26401 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-26401 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0001 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0002 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Severity
important

Announcement ID: SUSE-SU-2022:1375-1
Rating: important
