SUSE: 2024:0277-2 Moderate: Xen Phantom Device Functions and Related Issues
suse
January 30, 2024
* bsc#1218851 * bsc#1219080 Cross-References: * CVE-2023-46839
Summary
## This update for xen fixes the following issues: * CVE-2023-46839: Fixed phantom functions assigned to incorrect contexts (XSA-449) (bsc#1218851) * CVE-2023-46840: Fixed VT-d: Failure to quarantine devices in !HVM builds (XSA-450) (bsc#1219080)
References
* bsc#1218851
* bsc#1219080
Cross-
* CVE-2023-46839
* CVE-2023-46840
CVSS scores:
* CVE-2023-46839 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-46840 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves two vulnerabilities can now be installed.
##
* https://www.suse.com/security/cve/CVE-2023-46839.html
* https://www.suse.com/security/cve/CVE-2023-46840.html
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2024:0266-1
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!