21 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-46836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ- safe. It was believed that the mitigations always operate...
openSUSE: Security Advisory for xen (SUSE-SU-2023:4475-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for xen (SUSE-SU-2023:4466-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-46836 x86: BTC/SRSO fixes not fully effective
The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown XPTI deliberately left interrupts enabled on two entry...
CVE-2023-46836
The CVE pertains to Xen virtualization. The issue is a race condition where mitigations for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe; one entry path remains with interrupts enabled, and combined with the Meltdown XPTI fix (XSA-254) this was ...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:4945-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4945-1 advisory. - CVE-2023-46836: Fixed BTC/SRSO fixes not fully effective bsc1216807. - CVE-2023-46835: Fixed...
Fedora: Security Advisory for xen (FEDORA-2023-e62da41072)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : xen (2023-e62da41072)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e62da41072 advisory. x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445, CVE-2023-46835 x86: BTC/SRSO fixes not fully effective XSA-446, CVE-2023-46836...
Fedora 38 : xen (2023-56901a79a1)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-56901a79a1 advisory. x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445, CVE-2023-46835 x86: BTC/SRSO fixes not fully effective XSA-446, CVE-2023-46836...
SUSE SLES15 Security Update : xen (SUSE-SU-2023:4485-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4485-1 advisory. - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes...
SUSE SLES12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:4486-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4486-1 advisory. - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes...
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2023:4484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4484-1 advisory. - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes...
SUSE: Security Advisory (SUSE-SU-2023:4484-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4486-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4485-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:4486-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...
SUSE-SU-2023:4485-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...
SUSE-SU-2023:4484-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...
SUSE SLES15 Security Update : xen (SUSE-SU-2023:4466-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4466-1 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
SUSE: Security Advisory (SUSE-SU-2023:4466-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...