Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2024:2533-1 Important: Xen Security Issues and Fixes

suse
Calendar Grey July 16, 2024
Dist Suse Esm H88
SUSE issues an urgent security notice for xen related to potential exploits; ensure to review significant patches and solutions.
* bsc#1222453 * bsc#1227355 Cross-References: * CVE-2024-2201

Summary

## This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355).

Topics%20covered

Topics Covered

security advisory denial of service high severity buffer overflow SUSE important update xen

References

* bsc#1222453

* bsc#1227355

Cross-

* CVE-2024-2201

* CVE-2024-31143

CVSS scores:

* CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3

* SUSE Enterprise Storage 7.1

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro for Rancher 5.2

* SUSE Linux Enterprise Server 15 SP3

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3

* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves two vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2024-2201.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2533-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service high severity buffer overflow SUSE important update xen

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here