xen (SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOS package xen, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (42)
CVE-2022-33745 — CVSS 8.8 (high): insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV…
CVE-2022-42309 — CVSS 8.8 (high): Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during…
CVE-2022-26358 — CVSS 7.8 (high): IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-26360 — CVSS 7.8 (high): IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-26359 — CVSS 7.8 (high): IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23033 — CVSS 7.8 (high): arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm…
CVE-2022-26361 — CVSS 7.8 (high): IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42320 — CVSS 7.0 (high): Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone…
CVE-2022-26357 — CVSS 7.0 (high): race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain…
CVE-2022-26363 — CVSS 6.7 (medium): x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-26364 — CVSS 6.7 (medium): x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42315 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-0001 — CVSS 6.5 (medium): Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to…
CVE-2022-0002 — CVSS 6.5 (medium): Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable…
CVE-2022-23825 — CVSS 6.5 (medium): Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information…
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2022-33746 — CVSS 6.5 (medium): P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size…
CVE-2022-42311 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42312 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42313 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42314 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42316 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42317 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42318 — CVSS 6.5 (medium): Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42319 — CVSS 6.5 (medium): Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate…
CVE-2022-42321 — CVSS 6.5 (medium): Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting…
CVE-2022-26362 — CVSS 6.4 (medium): x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count…
CVE-2022-26356 — CVSS 5.6 (medium): Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram…
CVE-2022-33748 — CVSS 5.6 (medium): lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path…
CVE-2021-28689 — CVSS 5.5 (medium): x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was…
CVE-2022-23034 — CVSS 5.5 (medium): A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case…
CVE-2022-21166 — CVSS 5.5 (medium): Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to…
CVE-2022-21123 — CVSS 5.5 (medium): Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2022-42322 — CVSS 5.5 (medium): Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains…
CVE-2022-42323 — CVSS 5.5 (medium): Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains…
CVE-2022-42325 — CVSS 5.5 (medium): Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text…
CVE-2022-42326 — CVSS 5.5 (medium): Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text…
CVE-2022-42310 — CVSS 5.5 (medium): Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious…
CVE-2022-21125 — CVSS 5.5 (medium): Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2022-23035 — CVSS 4.6 (medium): Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests…
CVE-2022-23816: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.