SUSE-SU-2022:4332-1 -- SLES xenID: oval:org.secpod.oval:def:89048019 | Date: (C)2023-01-04 (M)2024-02-08 |
Class: PATCH | Family: unix |
This update for xen fixes the following issues: - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory - CVE-2022-42309: xen: Xenstore: Guests can crash xenstored - CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes - CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory - CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains - CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack - CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes - CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions - xen: Frontends vulnerable to backends Special Instructions and Notes: Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Server 12 SP5 |