SUSE-SU-2022:3728-1 -- SLES xenID: oval:org.secpod.oval:def:89047686 | Date: (C)2022-10-28 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don"t zero memory regions before sharing them with the backend . - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don"t zero memory regions before sharing them with the backend . - CVE-2022-33741: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend . - CVE-2022-33742: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend . - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing . - CVE-2021-28689: Fixed speculative vulnerabilities with bare 32-bit PV guests . - CVE-2022-33748: Fixed DoS due to race in locking .
Platform: |
SUSE Linux Enterprise Server 12 SP5 |