Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:4054-1 Final 1 1 2023-10-12T07:49:44Z current 2023-10-12T07:49:44Z 2023-10-12T07:49:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored (XSA-440, bsc#1215744) - CVE-2023-34326: Missing IOMMU TLB flushing (XSA-442, bsc#1215746) - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443, bsc#1215747) - CVE-2023-34327: Debug Mask handling (XSA-444, bsc#1215748) - CVE-2023-34328: Debug Mask handling (XSA-444, bsc#1215748) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2023-4054,SUSE-SLE-Micro-5.5-2023-4054,SUSE-SLE-Module-Basesystem-15-SP5-2023-4054,SUSE-SLE-Module-Server-Applications-15-SP5-2023-4054,openSUSE-SLE-15.5-2023-4054 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ Link for SUSE-SU-2023:4054-1 https://lists.suse.com/pipermail/sle-security-updates/2023-October/016642.html E-Mail link for SUSE-SU-2023:4054-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1215744 SUSE Bug 1215744 https://bugzilla.suse.com/1215746 SUSE Bug 1215746 https://bugzilla.suse.com/1215747 SUSE Bug 1215747 https://bugzilla.suse.com/1215748 SUSE Bug 1215748 https://www.suse.com/security/cve/CVE-2023-34323/ SUSE CVE CVE-2023-34323 page https://www.suse.com/security/cve/CVE-2023-34325/ SUSE CVE CVE-2023-34325 page https://www.suse.com/security/cve/CVE-2023-34326/ SUSE CVE CVE-2023-34326 page https://www.suse.com/security/cve/CVE-2023-34327/ SUSE CVE CVE-2023-34327 page https://www.suse.com/security/cve/CVE-2023-34328/ SUSE CVE CVE-2023-34328 page SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP5 openSUSE Leap 15.5 xen-4.17.2_06-150500.3.12.1 xen-devel-4.17.2_06-150500.3.12.1 xen-doc-html-4.17.2_06-150500.3.12.1 xen-libs-4.17.2_06-150500.3.12.1 xen-libs-32bit-4.17.2_06-150500.3.12.1 xen-libs-64bit-4.17.2_06-150500.3.12.1 xen-tools-4.17.2_06-150500.3.12.1 xen-tools-domU-4.17.2_06-150500.3.12.1 xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 xen-libs-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Micro 5.5 xen-libs-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 xen-tools-domU-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 xen-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 xen-devel-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 xen-tools-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 xen-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-devel-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-doc-html-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-libs-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-libs-32bit-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-tools-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-tools-domU-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 as a component of openSUSE Leap 15.5 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-34323 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-tools-domU-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-devel-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-devel-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-doc-html-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-32bit-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-domU-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ https://www.suse.com/security/cve/CVE-2023-34323.html CVE-2023-34323 https://bugzilla.suse.com/1215744 SUSE Bug 1215744 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-34325 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-tools-domU-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-devel-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-devel-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-doc-html-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-32bit-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-domU-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ https://www.suse.com/security/cve/CVE-2023-34325.html CVE-2023-34325 https://bugzilla.suse.com/1215747 SUSE Bug 1215747 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-34326 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-tools-domU-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-devel-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-devel-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-doc-html-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-32bit-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-domU-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ https://www.suse.com/security/cve/CVE-2023-34326.html CVE-2023-34326 https://bugzilla.suse.com/1215746 SUSE Bug 1215746 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-34327 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-tools-domU-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-devel-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-devel-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-doc-html-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-32bit-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-domU-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ https://www.suse.com/security/cve/CVE-2023-34327.html CVE-2023-34327 https://bugzilla.suse.com/1215748 SUSE Bug 1215748 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2023-34328 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-libs-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:xen-tools-domU-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-devel-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-4.17.2_06-150500.3.12.1 SUSE Linux Enterprise Module for Server Applications 15 SP5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-devel-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-doc-html-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-32bit-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-libs-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-domU-4.17.2_06-150500.3.12.1 openSUSE Leap 15.5:xen-tools-xendomains-wait-disk-4.17.2_06-150500.3.12.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/ https://www.suse.com/security/cve/CVE-2023-34328.html CVE-2023-34328 https://bugzilla.suse.com/1215748 SUSE Bug 1215748