21 matches found
EUVD-2021-15347
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-28690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see...
SUSE SLES11: xen / xen-doc-html / xen-kmp-default / xen-kmp-pae / xen-libs / etc (SUSE-SU-2021:14848-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14848-1 advisory. - CVE-2021-0089: Fixed Speculative Code Store Bypass XSA-375 bsc1186433. - CVE-2021-20255: Fixed stack overflow via infinite recursion in...
openSUSE 15 Security Update : xen (openSUSE-SU-2021:1236-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1236-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...
SUSE SLES12: xen / xen-doc-html / xen-libs / xen-libs-32bit / xen-tools / etc (SUSE-SU-2021:2957-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2957-1 advisory. - CVE-2021-3594: slirp: invalid pointer initialization may lead to information disclosure udpbsc1187378. - CVE-2021-3595: slirp:...
SUSE SLES12: xen / xen-doc-html / xen-libs / xen-libs-32bit / xen-tools / etc (SUSE-SU-2021:2955-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2955-1 advisory. Security issues fixed: - CVE-2021-28698: long running loops in grant table handling XSA-380bsc1189378. - CVE-2021-28697: grant tabl...
SUSE SLES15 Security Update : xen (SUSE-SU-2021:2943-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2943-1 advisory. - CVE-2021-28698: long running loops in grant table handling XSA-380bsc1189378. - CVE-2021-28692: xen: inappropriate x86 IOMMU...
SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:2922-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2922-1 advisory. Update to Xen 4.13.3 general bug fix release bsc1027519. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubb...
SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:2923-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2923-1 advisory. Update to Xen 4.13.3 general bug fix release bsc1027519. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubb...
SUSE SLED12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2021:2924-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2924-1 advisory. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubbed bsc1186428 - CVE-2021-28692: xen:...
openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...
CVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
CVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
Design/Logic Flaw
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
CVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
CVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
CVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a...
CVE-2021-28690
CVE-2021-28690 corresponds to the Xen TSX Async Abort protections not being restored after S3. Affected: Xen hypervisor (x86) with TSX Async Abort mitigation requiring disabling TSX via MSR_TSX_CTRL, a setting that is not restored after S3 resort. Connected sources reiterate the issue across mult...
OracleVM 3.4 : xen (OVMSA-2021-0020)
The remote OracleVM system is missing necessary patches to address security updates: - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 - Potential speculative code store bypass in a...
x86: TSX Async Abort protections not restored after S3
ISSUE DESCRIPTION This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX the default and preferred option requires selecting a non-default setting in MSRTSXCTRL. This setti...