Fedora 36 : xen (2023-04b5338dd0)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-04b5338dd0 advisory. 3 security issues 2180425 x86 shadow plus log-dirty mode use-after-free XSA-427, CVE-2022-42332 x86/HVM pinned cache attributes mis-handling XSA-428...

SUSE CVE-2022-42331

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variet...

SUSE SLES12 Security Update : xen (SUSE-SU-2023:0846-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0846-1 advisory. - x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one...

SUSE-SU-2023:0859-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode bsc1209017. - CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mis-handling bsc1209018. - CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL...

DEBIAN-CVE-2022-42331

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variet...

ALPINE-CVE-2022-42331

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variet...

CVE-2022-42331

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variet...

CVE-2022-42331

CVE-2022-42331 describes a Xen hypervisor SPECULATIVE execution vulnerability on the x86 32-bit SYSCALL path. Root cause: an oversight in the original Spectre/Meltdown work (XSA-254) leads to an entrypath performing its speculation-safety actions too late, leaving an unprotected RET instruction i...