{"affected":[{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOS","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Real Time 15 SP2","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-BCL","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.1","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Manager%20Proxy%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Manager Retail Branch Server 4.1","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.1","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Manager%20Server%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen-libs":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.0","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.13.4_08-150200.3.50.1","xen-devel":"4.13.4_08-150200.3.50.1","xen-libs":"4.13.4_08-150200.3.50.1","xen-tools":"4.13.4_08-150200.3.50.1","xen-tools-domU":"4.13.4_08-150200.3.50.1","xen-tools-xendomains-wait-disk":"4.13.4_08-150200.3.50.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.13.4_08-150200.3.50.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xen fixes the following issues:\n\n- CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that\n  could cause a denial of service in the host (bsc#1197423).\n- CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts\n  using VT-d IOMMU hardware, which could lead to a denial of service in the host\n  (bsc#1197425).\n- CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361: Fixed various memory\n  corruption issues for hosts using VT-d or AMD-Vi IOMMU hardware. These could be\n  leveraged by an attacker to cause a denial of service in the host (bsc#1197426).\n- CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: Added BHB speculation issue\n  mitigations (bsc#1196915).\n","id":"SUSE-SU-2022:1300-1","modified":"2022-04-22T06:39:52Z","published":"2022-04-22T06:39:52Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20221300-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1194267"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196915"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197423"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197425"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197426"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-26401"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-0001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-0002"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26356"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26357"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26358"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26359"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26360"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-26361"}],"related":["CVE-2021-26401","CVE-2022-0001","CVE-2022-0002","CVE-2022-26356","CVE-2022-26357","CVE-2022-26358","CVE-2022-26359","CVE-2022-26360","CVE-2022-26361"],"summary":"Security update for xen","upstream":["CVE-2021-26401","CVE-2022-0001","CVE-2022-0002","CVE-2022-26356","CVE-2022-26357","CVE-2022-26358","CVE-2022-26359","CVE-2022-26360","CVE-2022-26361"]}