SUSE-SU-2021:14848-1 -- SLES xenID: oval:org.secpod.oval:def:89045822 | Date: (C)2021-12-31 (M)2024-02-08 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2021-0089: Fixed Speculative Code Store Bypass . - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 . - CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 . - CVE-2021-28692: Fixed inappropriate x86 IOMMU timeout detection / handling . - CVE-2021-28697: Fixed grant table v2 status pages may remain accessible after de-allocation . - CVE-2021-28698: Fixed long running loops in grant table handling. - CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling . - CVE-2021-28703: Fixed grant table v2 status pages may remain accessible after de-allocation . - CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful P2M updates on x86 . - CVE-2021-28706: Fixed guests may exceed their designated memory limit . - CVE-2021-3527: Fixed unbounded stack allocation in usbredir . - CVE-2021-3592: Fixed invalid pointer initialization may lead to information disclosure in slirp . - CVE-2021-3594: Fixed invalid pointer initialization may lead to information disclosure in slirp . - CVE-2021-3595: Fixed invalid pointer initialization may lead to information disclosure in slirp . - CVE-2021-3682: Fixed free call on invalid pointer in usbredir bufp_alloc . - CVE-2021-3930: Fixed off-by-one error in mode_sense_page in hw/scsi/scsi-disk.c . Special Instructions and Notes: Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Server 11 SP4 |