Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-1408-1.NASL
HistoryApr 27, 2022 - 12:00 a.m.

SUSE SLES12 Security Update : xen (SUSE-SU-2022:1408-1)

2022-04-2700:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1408-1 advisory.

  • LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
    (CVE-2021-26401)

  • Non-transparent sharing of branch predictor selectors between contexts in some IntelĀ® Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)

  • Non-transparent sharing of branch predictor within a context in some IntelĀ® Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)

  • Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the structures related to a previously enabled log dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both operations and can lead to entries being added in already freed slots, resulting in a memory leak.
    (CVE-2022-26356)

  • race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping structures has a race, allowing for VT-d domain IDs to be leaked and flushes to be bypassed.
    (CVE-2022-26357)

  • IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, RMRR) for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption. (CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361)

Note that Nessus has not tested for these issues but has instead relied only on the applicationā€™s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:1408-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(160220);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");

  script_cve_id(
    "CVE-2021-26401",
    "CVE-2022-0001",
    "CVE-2022-0002",
    "CVE-2022-26356",
    "CVE-2022-26357",
    "CVE-2022-26358",
    "CVE-2022-26359",
    "CVE-2022-26360",
    "CVE-2022-26361"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2022:1408-1");

  script_name(english:"SUSE SLES12 Security Update : xen (SUSE-SU-2022:1408-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2022:1408-1 advisory.

  - LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
    (CVE-2021-26401)

  - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may
    allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)

  - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an
    authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)

  - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode
    done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing
    log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while
    another CPU is still in the process of tearing down the structures related to a previously enabled log
    dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both
    operations and can lead to entries being added in already freed slots, resulting in a memory leak.
    (CVE-2022-26356)

  - race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only
    less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore
    internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping
    structures has a race, allowing for VT-d domain IDs to be leaked and flushes to be bypassed.
    (CVE-2022-26357)

  - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple
    CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a
    system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, RMRR)
    for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as
    legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with
    such a region is active, the mappings of these regions need to remain continuouly accessible by the
    device. This requirement has been violated. Subsequent DMA or interrupts from the device may have
    unpredictable behaviour, ranging from IOMMU faults to memory corruption. (CVE-2022-26358, CVE-2022-26359,
    CVE-2022-26360, CVE-2022-26361)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196915");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197423");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197425");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197426");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-26401");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0001");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0002");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26356");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26357");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26358");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26359");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26360");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-26361");
  # https://lists.suse.com/pipermail/sle-security-updates/2022-April/010836.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ba2bf213");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-26357");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-26361");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/04/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-doc-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-libs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-domU");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP3", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'xen-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-doc-html-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-libs-32bit-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-libs-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-tools-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-tools-domU-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
    {'reference':'xen-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-doc-html-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-doc-html-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-libs-32bit-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-libs-32bit-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-libs-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-libs-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-tools-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-tools-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-tools-domU-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
    {'reference':'xen-tools-domU-4.9.4_28-3.103.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'xen / xen-doc-html / xen-libs / xen-libs-32bit / xen-tools / etc');
}
VendorProductVersionCPE
novellsuse_linuxxenp-cpe:/a:novell:suse_linux:xen
novellsuse_linuxxen-libs-32bitp-cpe:/a:novell:suse_linux:xen-libs-32bit
novellsuse_linuxxen-toolsp-cpe:/a:novell:suse_linux:xen-tools
novellsuse_linuxxen-doc-htmlp-cpe:/a:novell:suse_linux:xen-doc-html
novellsuse_linuxxen-libsp-cpe:/a:novell:suse_linux:xen-libs
novellsuse_linuxxen-tools-domup-cpe:/a:novell:suse_linux:xen-tools-domu
novellsuse_linux12cpe:/o:novell:suse_linux:12

References

Related

nessus 77
fedora 3
suse 11
xen 4
debian 3
osv 11
redhat 6
prion 9
f5 1
amd 1
cve 9
debiancve 9
redhatcve 3
ubuntucve 9
intel 1
cloudfoundry 2
ubuntu 3
centos 4
rosalinux 1
alpinelinux 2
citrix 2
veracode 7
oraclelinux 4
mscve 1
threatpost 1
openvas 13
amazon 1
mageia 1
nessus
nessus
SUSE SLES15 Security Update : xen (SUSE-SU-2022:1359-1)
2022-04-26 00:00:00
SUSE SLES12 Security Update : xen (SUSE-SU-2022:1285-1)
2022-04-21 00:00:00
SUSE SLES15 Security Update : xen (SUSE-SU-2022:1300-1)
2022-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: xen-4.14.5-1.fc34
2022-05-02 07:30:55
[SECURITY] Fedora 36 Update: xen-4.16.1-1.fc36
2022-05-07 05:01:19
[SECURITY] Fedora 35 Update: xen-4.15.2-3.fc35
2022-04-21 21:22:10
suse
suse
Security update for xen (moderate)
2022-05-03 00:00:00
Security update for xen (important)
2022-03-23 00:00:00
Security update for xen (important)
2022-06-13 00:00:00
xen
xen
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
2022-04-05 12:00:00
Multiple speculative security issues
2022-03-08 18:12:00
race in VT-d domain ID cleanup
2022-04-05 11:12:00
debian
debian
[SECURITY] [DSA 5117-1] xen security update
2022-04-10 18:07:14
[SECURITY] [DLA 1362-1] gcc-4.9-backport new package
2018-04-25 16:19:40
[SECURITY] [DLA 1349-1] linux-tools security update
2018-04-16 22:31:08
osv
osv
xen - security update
2022-04-10 00:00:00
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, ilinux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
2022-03-09 02:02:45
CVE-2022-26358
2022-04-05 13:15:07
redhat
redhat
(RHSA-2023:0187) Moderate: kernel security update
2023-01-17 08:48:58
(RHSA-2023:0400) Important: kernel-rt security and bug fix update
2023-01-24 09:46:52
(RHSA-2023:0399) Important: kernel security and bug fix update
2023-01-24 09:46:52
prion
prion
Design/Logic Flaw
2022-03-11 18:15:00
Memory corruption
2022-04-05 13:15:00
Design/Logic Flaw
2022-04-05 13:15:00
f5
f5
K000137188 : AMD CPU vulnerability CVE-2021-26401
2023-10-09 00:00:00
amd
amd
LFENCE/JMP Mitigation Update for CVE-2017-5715
2022-03-08 00:00:00
cve
cve
CVE-2021-26401
2022-03-11 18:15:00
CVE-2022-26357
2022-04-05 13:15:00
CVE-2022-26358
2022-04-05 13:15:00
debiancve
debiancve
CVE-2021-26401
2022-03-11 18:15:00
CVE-2022-26357
2022-04-05 13:15:00
CVE-2022-26359
2022-04-05 13:15:00
redhatcve
redhatcve
CVE-2021-26401
2022-03-09 10:23:54
CVE-2022-0002
2022-03-09 10:13:18
CVE-2022-0001
2022-03-09 10:13:18
ubuntucve
ubuntucve
CVE-2021-26401
2022-03-11 00:00:00
CVE-2022-26359
2022-04-05 00:00:00
CVE-2022-26357
2022-04-05 00:00:00
intel
intel
IntelĀ® Processor Advisory
2022-03-08 00:00:00
cloudfoundry
cloudfoundry
USN-5319-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
USN-5318-1: Linux kernel vulnerabilities | Cloud Foundry
2022-03-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-03-09 00:00:00
Linux kernel vulnerabilities
2022-03-09 00:00:00
Linux kernel vulnerabilities
2022-03-09 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2023-01-30 16:50:20
microcode_ctl security update
2018-01-04 11:40:52
libvirt security update
2018-01-04 19:54:04
rosalinux
rosalinux
Advisory ROSA-SA-2023-2097
2023-02-07 10:10:41
alpinelinux
alpinelinux
CVE-2022-26357
2022-04-05 13:15:00
CVE-2022-26356
2022-04-05 13:15:00
citrix
citrix
Citrix Hypervisor Security Update
2022-04-05 10:50:09
Citrix Hypervisor Security Update
2022-03-07 14:55:18
veracode
veracode
Denial Of Service (DoS)
2022-04-16 05:26:05
Race Condition
2022-04-16 05:26:13
Denial Of Service (DoS)
2022-04-16 05:26:21
oraclelinux
oraclelinux
kernel security update
2023-10-20 00:00:00
libvirt security update
2018-01-05 00:00:00
microcode_ctl security update
2018-01-04 00:00:00
mscve
mscve
Intel: CVE-2022-0001 Branch History Injection
2024-04-09 07:00:00
threatpost
threatpost
New Spectre-Level Flaw Targets Return Stack Buffer
2018-07-23 18:27:20
openvas
openvas
Debian LTS: Security Advisory for linux-tools (DLA-1349-1)
2018-04-17 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1014)
2020-01-23 00:00:00
RedHat Update for microcode_ctl RHSA-2018:0093-01
2018-01-17 00:00:00
amazon
amazon
Important: linux-firmware
2018-02-20 21:46:00
mageia
mageia
Updated microcode packages fix security vulnerability
2018-05-29 22:41:14
JSON
Related for SUSE_SU-2022-1408-1.NASL
nessus77fedora3suse11xen4debian3osv11redhat6prion9f51amd1cve9debiancve9redhatcve3ubuntucve9intel1cloudfoundry2ubuntu3centos4rosalinux1alpinelinux2citrix2veracode7oraclelinux4mscve1threatpost1openvas13amazon1mageia1