SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2084-1
Rating: important
References: #1199965 #1199966
Cross-References: CVE-2022-26362 CVE-2022-26363 CVE-2022-26364
CVSS scores:
CVE-2022-26362 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26363 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26364 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
- CVE-2022-26362: Fixed race condition in typeref acquisition (bsc#1199965)
- CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with
non-coherent mappings (bsc#1199966)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2084=1
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2084=1
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64):
xen-debugsource-4.12.4_24-3.71.1
xen-devel-4.12.4_24-3.71.1
- SUSE Linux Enterprise Server 12-SP5 (x86_64):
xen-4.12.4_24-3.71.1
xen-debugsource-4.12.4_24-3.71.1
xen-doc-html-4.12.4_24-3.71.1
xen-libs-32bit-4.12.4_24-3.71.1
xen-libs-4.12.4_24-3.71.1
xen-libs-debuginfo-32bit-4.12.4_24-3.71.1
xen-libs-debuginfo-4.12.4_24-3.71.1
xen-tools-4.12.4_24-3.71.1
xen-tools-debuginfo-4.12.4_24-3.71.1
xen-tools-domU-4.12.4_24-3.71.1
xen-tools-domU-debuginfo-4.12.4_24-3.71.1
References:
https://www.suse.com/security/cve/CVE-2022-26362.html
https://www.suse.com/security/cve/CVE-2022-26363.html
https://www.suse.com/security/cve/CVE-2022-26364.html
https://bugzilla.suse.com/1199965
https://bugzilla.suse.com/1199966
SUSE: 2022:2084-1 important: xen
June 14, 2022
An update that fixes three vulnerabilities is now available
Summary
This update for xen fixes the following issues: - CVE-2022-26362: Fixed race condition in typeref acquisition (bsc#1199965) - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (bsc#1199966)
References
#1199965 #1199966
Cross- CVE-2022-26362 CVE-2022-26363 CVE-2022-26364
CVSS scores:
CVE-2022-26362 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26363 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26364 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
https://www.suse.com/security/cve/CVE-2022-26362.html
https://www.suse.com/security/cve/CVE-2022-26363.html
https://www.suse.com/security/cve/CVE-2022-26364.html
https://bugzilla.suse.com/1199965
https://bugzilla.suse.com/1199966
Severity
Announcement ID: SUSE-SU-2022:2084-1
Rating: important
News
HOWTOs
Features
How To Hide Your IP And Keep From Being Tracked
Which Browser is Best for Online Security?
Complete Guide to Using Wapiti Web Vulnerability Scanner to Keep Your Web Applications & Websites Secure
Guide to Web Application Penetration Testing
Thank You for Participating in Our Security Dashboard Redesign Survey
About Us
Powered By
