Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:1152-1 Final 1 1 2024-04-08T09:36:51Z current 2024-04-08T09:36:51Z 2024-04-08T09:36:51Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: - CVE-2023-28746: Register File Data Sampling (bsc#1221332) - CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES15-SP3-BYOS-Azure-2024-1152,Image SLES15-SP3-BYOS-EC2-HVM-2024-1152,Image SLES15-SP3-BYOS-GCE-2024-1152,Image SLES15-SP3-CHOST-BYOS-Aliyun-2024-1152,Image SLES15-SP3-CHOST-BYOS-Azure-2024-1152,Image SLES15-SP3-CHOST-BYOS-EC2-2024-1152,Image SLES15-SP3-CHOST-BYOS-GCE-2024-1152,Image SLES15-SP3-CHOST-BYOS-SAP-CCloud-2024-1152,Image SLES15-SP3-HPC-BYOS-Azure-2024-1152,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2024-1152,Image SLES15-SP3-HPC-BYOS-GCE-2024-1152,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2024-1152,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2024-1152,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2024-1152,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2024-1152,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2024-1152,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2024-1152,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2024-1152,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2024-1152,Image SLES15-SP3-SAP-BYOS-Azure-2024-1152,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2024-1152,Image SLES15-SP3-SAP-BYOS-GCE-2024-1152,Image SLES15-SP3-SAPCAL-Azure-2024-1152,Image SLES15-SP3-SAPCAL-EC2-HVM-2024-1152,Image SLES15-SP3-SAPCAL-GCE-2024-1152,SUSE-2024-1152,SUSE-SUSE-MicroOS-5.1-2024-1152,SUSE-SUSE-MicroOS-5.2-2024-1152 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20241152-1/ Link for SUSE-SU-2024:1152-1 https://lists.suse.com/pipermail/sle-updates/2024-April/034870.html E-Mail link for SUSE-SU-2024:1152-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1221332 SUSE Bug 1221332 https://bugzilla.suse.com/1221334 SUSE Bug 1221334 https://www.suse.com/security/cve/CVE-2023-28746/ SUSE CVE CVE-2023-28746 page https://www.suse.com/security/cve/CVE-2024-2193/ SUSE CVE CVE-2024-2193 page Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-SAP-CCloud Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 xen-libs-4.14.6_12-150300.3.69.1 xen-tools-domU-4.14.6_12-150300.3.69.1 xen-4.14.6_12-150300.3.69.1 xen-devel-4.14.6_12-150300.3.69.1 xen-doc-html-4.14.6_12-150300.3.69.1 xen-libs-32bit-4.14.6_12-150300.3.69.1 xen-libs-64bit-4.14.6_12-150300.3.69.1 xen-tools-4.14.6_12-150300.3.69.1 xen-tools-xendomains-wait-disk-4.14.6_12-150300.3.69.1 xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-CHOST-BYOS-SAP-CCloud xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAPCAL-Azure xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM xen-tools-domU-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM xen-libs-4.14.6_12-150300.3.69.1 as a component of Image SLES15-SP3-SAPCAL-GCE xen-libs-4.14.6_12-150300.3.69.1 as a component of SUSE Linux Enterprise Micro 5.1 xen-libs-4.14.6_12-150300.3.69.1 as a component of SUSE Linux Enterprise Micro 5.2 Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2023-28746 Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-EC2:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-EC2:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-GCE:xen-libs-4.14.6_12-150300.3.69.1 SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_12-150300.3.69.1 SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_12-150300.3.69.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20241152-1/ https://www.suse.com/security/cve/CVE-2023-28746.html CVE-2023-28746 https://bugzilla.suse.com/1213456 SUSE Bug 1213456 https://bugzilla.suse.com/1221323 SUSE Bug 1221323 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. CVE-2024-2193 Image SLES15-SP3-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-EC2:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-EC2:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-HPC-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAP-BYOS-GCE:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-Azure:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-EC2-HVM:xen-libs-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-EC2-HVM:xen-tools-domU-4.14.6_12-150300.3.69.1 Image SLES15-SP3-SAPCAL-GCE:xen-libs-4.14.6_12-150300.3.69.1 SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_12-150300.3.69.1 SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_12-150300.3.69.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20241152-1/ https://www.suse.com/security/cve/CVE-2024-2193.html CVE-2024-2193 https://bugzilla.suse.com/1217857 SUSE Bug 1217857