{"affected":[{"ecosystem_specific":{"binaries":[{"xen-libs":"4.17.2_06-150500.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.5","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.17.2_06-150500.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen-libs":"4.17.2_06-150500.3.12.1","xen-tools-domU":"4.17.2_06-150500.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP5","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.17.2_06-150500.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.17.2_06-150500.3.12.1","xen-devel":"4.17.2_06-150500.3.12.1","xen-tools":"4.17.2_06-150500.3.12.1","xen-tools-xendomains-wait-disk":"4.17.2_06-150500.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP5","name":"xen","purl":"pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.17.2_06-150500.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xen":"4.17.2_06-150500.3.12.1","xen-devel":"4.17.2_06-150500.3.12.1","xen-doc-html":"4.17.2_06-150500.3.12.1","xen-libs":"4.17.2_06-150500.3.12.1","xen-libs-32bit":"4.17.2_06-150500.3.12.1","xen-tools":"4.17.2_06-150500.3.12.1","xen-tools-domU":"4.17.2_06-150500.3.12.1","xen-tools-xendomains-wait-disk":"4.17.2_06-150500.3.12.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"xen","purl":"pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.17.2_06-150500.3.12.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xen fixes the following issues:\n\n- CVE-2023-34323: A transaction conflict can crash C Xenstored (XSA-440, bsc#1215744)\n- CVE-2023-34326: Missing IOMMU TLB flushing (XSA-442, bsc#1215746)\n- CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443, bsc#1215747)\n- CVE-2023-34327: Debug Mask handling (XSA-444, bsc#1215748)\n- CVE-2023-34328: Debug Mask handling (XSA-444, bsc#1215748)\n","id":"SUSE-SU-2023:4054-1","modified":"2023-10-12T07:49:44Z","published":"2023-10-12T07:49:44Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20234054-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215744"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215746"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215747"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215748"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34323"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34325"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34326"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34327"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34328"}],"related":["CVE-2023-34323","CVE-2023-34325","CVE-2023-34326","CVE-2023-34327","CVE-2023-34328"],"summary":"Security update for xen","upstream":["CVE-2023-34323","CVE-2023-34325","CVE-2023-34326","CVE-2023-34327","CVE-2023-34328"]}