csaf_suse - suse-su-2024:3586-1

Vulnerability from csaf_suse

Published

2024-10-10 11:29

Modified

2024-10-10 11:29

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: Security fixes: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460) (bsc#1228574) - CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461) (bsc#1228575) - CVE-2024-45817: Fixed Deadlock in vlapic_error() (XSA-462) (bsc#1230366) Other fixes: - Upstream bug fixes (bsc#1027519)

Patchnames

SUSE-2024-3586,SUSE-SLE-SDK-12-SP5-2024-3586,SUSE-SLE-SERVER-12-SP5-2024-3586

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for xen",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for xen fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460) (bsc#1228574)\n- CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461) (bsc#1228575)\n- CVE-2024-45817: Fixed Deadlock in vlapic_error() (XSA-462) (bsc#1230366)\n\nOther fixes:\n\n- Upstream bug fixes (bsc#1027519)\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-3586,SUSE-SLE-SDK-12-SP5-2024-3586,SUSE-SLE-SERVER-12-SP5-2024-3586",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3586-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:3586-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20243586-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:3586-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019585.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027519",
            url: "https://bugzilla.suse.com/1027519",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228574",
            url: "https://bugzilla.suse.com/1228574",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228575",
            url: "https://bugzilla.suse.com/1228575",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230366",
            url: "https://bugzilla.suse.com/1230366",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-31145 page",
            url: "https://www.suse.com/security/cve/CVE-2024-31145/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-31146 page",
            url: "https://www.suse.com/security/cve/CVE-2024-31146/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45817 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45817/",
         },
      ],
      title: "Security update for xen",
      tracking: {
         current_release_date: "2024-10-10T11:29:45Z",
         generator: {
            date: "2024-10-10T11:29:45Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:3586-1",
         initial_release_date: "2024-10-10T11:29:45Z",
         revision_history: [
            {
               date: "2024-10-10T11:29:45Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "xen-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-devel-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-devel-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-devel-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-doc-html-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-doc-html-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-doc-html-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-libs-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-libs-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-libs-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-tools-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-tools-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-tools-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-tools-domU-4.12.4_56-3.121.1.aarch64",
                        product: {
                           name: "xen-tools-domU-4.12.4_56-3.121.1.aarch64",
                           product_id: "xen-tools-domU-4.12.4_56-3.121.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "xen-libs-64bit-4.12.4_56-3.121.1.aarch64_ilp32",
                        product: {
                           name: "xen-libs-64bit-4.12.4_56-3.121.1.aarch64_ilp32",
                           product_id: "xen-libs-64bit-4.12.4_56-3.121.1.aarch64_ilp32",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64_ilp32",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "xen-devel-4.12.4_56-3.121.1.i586",
                        product: {
                           name: "xen-devel-4.12.4_56-3.121.1.i586",
                           product_id: "xen-devel-4.12.4_56-3.121.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-libs-4.12.4_56-3.121.1.i586",
                        product: {
                           name: "xen-libs-4.12.4_56-3.121.1.i586",
                           product_id: "xen-libs-4.12.4_56-3.121.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-tools-domU-4.12.4_56-3.121.1.i586",
                        product: {
                           name: "xen-tools-domU-4.12.4_56-3.121.1.i586",
                           product_id: "xen-tools-domU-4.12.4_56-3.121.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "xen-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-devel-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-devel-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-devel-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-doc-html-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-doc-html-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-doc-html-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-libs-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-libs-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-libs-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-tools-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-tools-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-tools-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                        product: {
                           name: "xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                           product_id: "xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Software Development Kit 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Software Development Kit 12 SP5",
                           product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-sdk:12:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server 12 SP5",
                           product_id: "SUSE Linux Enterprise Server 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles:12:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:12:sp5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-devel-4.12.4_56-3.121.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
               product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
            },
            product_reference: "xen-devel-4.12.4_56-3.121.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-devel-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
               product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-devel-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-doc-html-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-doc-html-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-libs-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-libs-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-tools-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-tools-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-tools-domU-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-tools-domU-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-doc-html-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-doc-html-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-libs-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-libs-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-tools-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-tools-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "xen-tools-domU-4.12.4_56-3.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
            },
            product_reference: "xen-tools-domU-4.12.4_56-3.121.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-31145",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-31145",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Certain PCI devices in a system might be assigned Reserved Memory\nRegions (specified via Reserved Memory Region Reporting, \"RMRR\") for\nIntel VT-d or Unity Mapping ranges for AMD-Vi.  These are typically used\nfor platform tasks such as legacy USB emulation.\n\nSince the precise purpose of these regions is unknown, once a device\nassociated with such a region is active, the mappings of these regions\nneed to remain continuouly accessible by the device.  In the logic\nestablishing these mappings, error handling was flawed, resulting in\nsuch mappings to potentially remain in place when they should have been\nremoved again.  Respective guests would then gain access to memory\nregions which they aren't supposed to have access to.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-31145",
               url: "https://www.suse.com/security/cve/CVE-2024-31145",
            },
            {
               category: "external",
               summary: "SUSE Bug 1228574 for CVE-2024-31145",
               url: "https://bugzilla.suse.com/1228574",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-10T11:29:45Z",
               details: "important",
            },
         ],
         title: "CVE-2024-31145",
      },
      {
         cve: "CVE-2024-31146",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-31146",
            },
         ],
         notes: [
            {
               category: "general",
               text: "When multiple devices share resources and one of them is to be passed\nthrough to a guest, security of the entire system and of respective\nguests individually cannot really be guaranteed without knowing\ninternals of any of the involved guests.  Therefore such a configuration\ncannot really be security-supported, yet making that explicit was so far\nmissing.\n\nResources the sharing of which is known to be problematic include, but\nare not limited to\n- - PCI Base Address Registers (BARs) of multiple devices mapping to the\n  same page (4k on x86),\n- - INTx lines.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-31146",
               url: "https://www.suse.com/security/cve/CVE-2024-31146",
            },
            {
               category: "external",
               summary: "SUSE Bug 1228575 for CVE-2024-31146",
               url: "https://bugzilla.suse.com/1228575",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-10T11:29:45Z",
               details: "low",
            },
         ],
         title: "CVE-2024-31146",
      },
      {
         cve: "CVE-2024-45817",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45817",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In x86's APIC (Advanced Programmable Interrupt Controller) architecture,\nerror conditions are reported in a status register.  Furthermore, the OS\ncan opt to receive an interrupt when a new error occurs.\n\nIt is possible to configure the error interrupt with an illegal vector,\nwhich generates an error when an error interrupt is raised.\n\nThis case causes Xen to recurse through vlapic_error().  The recursion\nitself is bounded; errors accumulate in the the status register and only\ngenerate an interrupt when a new status bit becomes set.\n\nHowever, the lock protecting this state in Xen will try to be taken\nrecursively, and deadlock.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
               "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45817",
               url: "https://www.suse.com/security/cve/CVE-2024-45817",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230366 for CVE-2024-45817",
               url: "https://bugzilla.suse.com/1230366",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_56-3.121.1.x86_64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.aarch64",
                  "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_56-3.121.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-10T11:29:45Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45817",
      },
   ],
}

CVE-2024-31146 (GCVE-0-2024-31146)

Vulnerability from cvelistv5

Published

2024-09-25 10:31

Modified

2024-09-25 13:24

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be security-supported, yet making that explicit was so far missing. Resources the sharing of which is known to be problematic include, but are not limited to - - PCI Base Address Registers (BARs) of multiple devices mapping to the same page (4k on x86), - - INTx lines.

References

▼	URL	Tags
	https://xenbits.xenproject.org/xsa/advisory-461.html

Impacted products

	Vendor	Product	Version
	Xen	Xen

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-09-25T11:02:55.207Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://xenbits.xen.org/xsa/advisory-461.html",
               },
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/08/14/3",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xen",
                  vendor: "xen",
                  versions: [
                     {
                        lessThanOrEqual: "*",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "LOCAL",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "HIGH",
                     scope: "CHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-31146",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-25T13:14:46.996097Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-400",
                        description: "CWE-400 Uncontrolled Resource Consumption",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-25T13:24:47.409Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               product: "Xen",
               vendor: "Xen",
               versions: [
                  {
                     status: "unknown",
                     version: "consult Xen advisory XSA-461",
                  },
               ],
            },
         ],
         configurations: [
            {
               lang: "en",
               value: "All systems making use of PCI pass-through are in principle vulnerable,\nwhen any kind of resource is shared.  Just to re-iterate, even in the\nabsence of resource sharing caveats apply to passing through of PCI\ndevices to entirely untrusted guests.",
            },
         ],
         datePublic: "2024-08-13T12:00:00Z",
         descriptions: [
            {
               lang: "en",
               value: "When multiple devices share resources and one of them is to be passed\nthrough to a guest, security of the entire system and of respective\nguests individually cannot really be guaranteed without knowing\ninternals of any of the involved guests.  Therefore such a configuration\ncannot really be security-supported, yet making that explicit was so far\nmissing.\n\nResources the sharing of which is known to be problematic include, but\nare not limited to\n- - PCI Base Address Registers (BARs) of multiple devices mapping to the\n  same page (4k on x86),\n- - INTx lines.",
            },
         ],
         impacts: [
            {
               descriptions: [
                  {
                     lang: "en",
                     value: "The precise effects when shared resources are in use are system, device,\nguest, and resource specific.  None of privilege escalation, information\nleaks, or Denial of Service (DoS) can be ruled out.",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-25T10:31:51.154Z",
            orgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
            shortName: "XEN",
         },
         references: [
            {
               url: "https://xenbits.xenproject.org/xsa/advisory-461.html",
            },
         ],
         title: "PCI device pass-through with shared resources",
         workarounds: [
            {
               lang: "en",
               value: "Passing through only SR-IOV virtual functions or devices with well-\nseparated resources will avoid this particular vulnerability.  Passing\nthrough all devices sharing a given resource to the same guest will also\navoid this particular vulnerability.",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
      assignerShortName: "XEN",
      cveId: "CVE-2024-31146",
      datePublished: "2024-09-25T10:31:51.154Z",
      dateReserved: "2024-03-28T18:14:12.893Z",
      dateUpdated: "2024-09-25T13:24:47.409Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-31145 (GCVE-0-2024-31145)

Vulnerability from cvelistv5

Published

2024-09-25 10:31

Modified

2024-09-25 13:29

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. In the logic establishing these mappings, error handling was flawed, resulting in such mappings to potentially remain in place when they should have been removed again. Respective guests would then gain access to memory regions which they aren't supposed to have access to.

References

▼	URL	Tags
	https://xenbits.xenproject.org/xsa/advisory-460.html

Impacted products

	Vendor	Product	Version
	Xen	Xen

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-09-25T11:02:50.356Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://xenbits.xen.org/xsa/advisory-460.html",
               },
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/08/14/2",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xen",
                  vendor: "xen",
                  versions: [
                     {
                        lessThanOrEqual: "*",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "LOCAL",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "HIGH",
                     scope: "CHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-31145",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-25T13:27:44.216381Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-400",
                        description: "CWE-400 Uncontrolled Resource Consumption",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-25T13:29:33.308Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               product: "Xen",
               vendor: "Xen",
               versions: [
                  {
                     status: "unknown",
                     version: "consult Xen advisory XSA-460",
                  },
               ],
            },
         ],
         configurations: [
            {
               lang: "en",
               value: "Only x86 systems passing PCI devices with RMRR/Unity regions through to\nguests are potentially affected.\n\nPCI devices listed in a vm.cfg file have error handling which causes `xl\ncreate` to abort and tear down the domain, and is thus believed to be\nsafe.\n\nPCI devices attached using `xl pci-attach` will result in the command\nreturning nonzero, but will not tear down the domain.  VMs which\ncontinue to run after `xl pci-attach` has failed expose the\nvulnerability.\n\nFor x86 Intel hardware, Xen versions 4.0 and later are affected.\n\nFor all x86 hardware, Xen versions having the XSA-378 fixes applied /\nbackported are affected.",
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "This issue was discovered by Teddy Astie of Vates and diagnosed as a\nsecurity issue by Jan Beulich of SUSE.",
            },
         ],
         datePublic: "2024-08-13T12:00:00Z",
         descriptions: [
            {
               lang: "en",
               value: "Certain PCI devices in a system might be assigned Reserved Memory\nRegions (specified via Reserved Memory Region Reporting, \"RMRR\") for\nIntel VT-d or Unity Mapping ranges for AMD-Vi.  These are typically used\nfor platform tasks such as legacy USB emulation.\n\nSince the precise purpose of these regions is unknown, once a device\nassociated with such a region is active, the mappings of these regions\nneed to remain continuouly accessible by the device.  In the logic\nestablishing these mappings, error handling was flawed, resulting in\nsuch mappings to potentially remain in place when they should have been\nremoved again.  Respective guests would then gain access to memory\nregions which they aren't supposed to have access to.",
            },
         ],
         impacts: [
            {
               descriptions: [
                  {
                     lang: "en",
                     value: "The precise impact is system specific.  Denial of Service (DoS)\naffecting the entire host or individual guests, privilege escalation,\nand information leaks cannot be ruled out.",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-25T10:31:43.523Z",
            orgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
            shortName: "XEN",
         },
         references: [
            {
               url: "https://xenbits.xenproject.org/xsa/advisory-460.html",
            },
         ],
         title: "error handling in x86 IOMMU identity mapping",
         workarounds: [
            {
               lang: "en",
               value: "Assigning devices using the vm.cfg file for attachment at boot avoids\nthe vulnerability.",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
      assignerShortName: "XEN",
      cveId: "CVE-2024-31145",
      datePublished: "2024-09-25T10:31:43.523Z",
      dateReserved: "2024-03-28T18:14:12.893Z",
      dateUpdated: "2024-09-25T13:29:33.308Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-45817 (GCVE-0-2024-45817)

Vulnerability from cvelistv5

Published

2024-09-25 10:31

Modified

2024-11-20 21:33

Severity ?

7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, which generates an error when an error interrupt is raised. This case causes Xen to recurse through vlapic_error(). The recursion itself is bounded; errors accumulate in the the status register and only generate an interrupt when a new status bit becomes set. However, the lock protecting this state in Xen will try to be taken recursively, and deadlock.

References

▼	URL	Tags
	https://xenbits.xenproject.org/xsa/advisory-462.html

Impacted products

	Vendor	Product	Version
	Xen	Xen

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-09-25T11:03:12.931Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://xenbits.xen.org/xsa/advisory-462.html",
               },
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/09/24/1",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "LOW",
                     baseScore: 7.3,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "LOW",
                     integrityImpact: "LOW",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-45817",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-25T13:35:45.402325Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-209",
                        description: "CWE-209 Generation of Error Message Containing Sensitive Information",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-20T21:33:14.401Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               product: "Xen",
               vendor: "Xen",
               versions: [
                  {
                     status: "unknown",
                     version: "consult Xen advisory XSA-462",
                  },
               ],
            },
         ],
         configurations: [
            {
               lang: "en",
               value: "Xen 4.5 and onwards are vulnerable.  Xen 4.4 and older are not vulnerable.\n\nOnly x86 systems running HVM or PVH guests are vulnerable.\nArchitectures other than x86 are not vulnerable.\n\nOnly HVM or PVH guests can leverage the vulnerability.  PV guests cannot\nleverage the vulnerability.",
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "This issue was discovered after a BUGSENG team working on MISRA C\ncompliance of Xen pointed attention to ECLAIR reports for MISRA C Rule\n17.2 (Functions shall not call themselves, either directly or\nindirectly).",
            },
         ],
         datePublic: "2024-09-24T10:46:00Z",
         descriptions: [
            {
               lang: "en",
               value: "In x86's APIC (Advanced Programmable Interrupt Controller) architecture,\nerror conditions are reported in a status register.  Furthermore, the OS\ncan opt to receive an interrupt when a new error occurs.\n\nIt is possible to configure the error interrupt with an illegal vector,\nwhich generates an error when an error interrupt is raised.\n\nThis case causes Xen to recurse through vlapic_error().  The recursion\nitself is bounded; errors accumulate in the the status register and only\ngenerate an interrupt when a new status bit becomes set.\n\nHowever, the lock protecting this state in Xen will try to be taken\nrecursively, and deadlock.",
            },
         ],
         impacts: [
            {
               descriptions: [
                  {
                     lang: "en",
                     value: "A buggy or malicious HVM or PVH guest can deadlock Xen, leading to a\nDoS.",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-25T10:31:57.371Z",
            orgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
            shortName: "XEN",
         },
         references: [
            {
               url: "https://xenbits.xenproject.org/xsa/advisory-462.html",
            },
         ],
         title: "x86: Deadlock in vlapic_error()",
         workarounds: [
            {
               lang: "en",
               value: "Not running untrusted HVM or PVH VMs will avoid this vulnerability.",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "23aa2041-22e1-471f-9209-9b7396fa234f",
      assignerShortName: "XEN",
      cveId: "CVE-2024-45817",
      datePublished: "2024-09-25T10:31:57.371Z",
      dateReserved: "2024-09-09T14:43:11.826Z",
      dateUpdated: "2024-11-20T21:33:14.401Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

CVE-2024-31146 (GCVE-0-2024-31146)

Vulnerability from cvelistv5

CVE-2024-31145 (GCVE-0-2024-31145)

Vulnerability from cvelistv5

CVE-2024-45817 (GCVE-0-2024-45817)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature