SB20221019103 - SUSE update for xen 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20221019103

SB20221019103 - SUSE update for xen

Published: October 19, 2022

Security Bulletin ID SB20221019103
Severity
Medium
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 13% Low 88%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Incorrect Resource Transfer Between Spheres (CVE-ID: CVE-2021-28689)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.


2) Information disclosure (CVE-ID: CVE-2022-26365)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.


3) Information disclosure (CVE-ID: CVE-2022-33740)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.


4) Information disclosure (CVE-ID: CVE-2022-33741)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.


5) Information disclosure (CVE-ID: CVE-2022-33742)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.


6) Resource exhaustion (CVE-ID: CVE-2022-33745)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in code responsible for migration and work around of kernels unaware of L1TF in shadow mode, related to TLB flush. A remote user with access to x86 PV guest can start the migration process to trigger the vulnerability and exhaust all available memory, resulting in a denial of service (DoS) attack.


7) Resource exhaustion (CVE-ID: CVE-2022-33746)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when freeing the P2M pool. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.


8) Improper handling of exceptional conditions (CVE-ID: CVE-2022-33748)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. A local user can send specially crafted input and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References