csaf_suse - suse-su-2023:3832-1

suse-su-2023:3832-1

Vulnerability from csaf_suse

Published

2023-09-27 17:16

Modified

2023-09-27 17:16

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero (XSA-439) (bsc#1215474). - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) (bsc#1215145).

Patchnames

SUSE-2023-3832,SUSE-SLE-Micro-5.3-2023-3832,SUSE-SLE-Micro-5.4-2023-3832,SUSE-SLE-Module-Basesystem-15-SP4-2023-3832,SUSE-SLE-Module-Server-Applications-15-SP4-2023-3832,openSUSE-SLE-15.4-2023-3832

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\n- CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero (XSA-439) (bsc#1215474).\n- CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) (bsc#1215145).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-3832,SUSE-SLE-Micro-5.3-2023-3832,SUSE-SLE-Micro-5.4-2023-3832,SUSE-SLE-Module-Basesystem-15-SP4-2023-3832,SUSE-SLE-Module-Server-Applications-15-SP4-2023-3832,openSUSE-SLE-15.4-2023-3832",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3832-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:3832-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233832-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:3832-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2023-September/031733.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215145",
        "url": "https://bugzilla.suse.com/1215145"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215474",
        "url": "https://bugzilla.suse.com/1215474"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-20588 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-20588/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-34322 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-34322/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2023-09-27T17:16:03Z",
      "generator": {
        "date": "2023-09-27T17:16:03Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:3832-1",
      "initial_release_date": "2023-09-27T17:16:03Z",
      "revision_history": [
        {
          "date": "2023-09-27T17:16:03Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-4.16.5_04-150400.4.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-devel-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-devel-4.16.5_04-150400.4.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-doc-html-4.16.5_04-150400.4.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-libs-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-libs-4.16.5_04-150400.4.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-tools-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-tools-4.16.5_04-150400.4.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
                "product": {
                  "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
                  "product_id": "xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-libs-64bit-4.16.5_04-150400.4.34.1.aarch64_ilp32",
                "product": {
                  "name": "xen-libs-64bit-4.16.5_04-150400.4.34.1.aarch64_ilp32",
                  "product_id": "xen-libs-64bit-4.16.5_04-150400.4.34.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.16.5_04-150400.4.34.1.i586",
                "product": {
                  "name": "xen-devel-4.16.5_04-150400.4.34.1.i586",
                  "product_id": "xen-devel-4.16.5_04-150400.4.34.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.16.5_04-150400.4.34.1.i586",
                "product": {
                  "name": "xen-libs-4.16.5_04-150400.4.34.1.i586",
                  "product_id": "xen-libs-4.16.5_04-150400.4.34.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.i586",
                  "product_id": "xen-tools-domU-4.16.5_04-150400.4.34.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
                "product": {
                  "name": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
                  "product_id": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-devel-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-devel-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-doc-html-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-libs-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-tools-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-tools-4.16.5_04-150400.4.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
                  "product_id": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.3",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.3",
                  "product_id": "SUSE Linux Enterprise Micro 5.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.4",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.4",
                  "product_id": "SUSE Linux Enterprise Micro 5.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-server-applications:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-devel-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.16.5_04-150400.4.34.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-tools-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-devel-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-devel-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-libs-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-libs-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-tools-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-tools-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64"
        },
        "product_reference": "xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-20588",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-20588"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.  \n\n\n\n\n\n\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
          "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-20588",
          "url": "https://www.suse.com/security/cve/CVE-2023-20588"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213927 for CVE-2023-20588",
          "url": "https://bugzilla.suse.com/1213927"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-27T17:16:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-20588"
    },
    {
      "cve": "CVE-2023-34322",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-34322"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "For migration as well as to work around kernels unaware of L1TF (see\nXSA-273), PV guests may be run in shadow paging mode.  Since Xen itself\nneeds to be mapped when PV guests run, Xen and shadowed PV guests run\ndirectly the respective shadow page tables.  For 64-bit PV guests this\nmeans running on the shadow of the guest root page table.\n\nIn the course of dealing with shortage of memory in the shadow pool\nassociated with a domain, shadows of page tables may be torn down.  This\ntearing down may include the shadow root page table that the CPU in\nquestion is presently running on.  While a precaution exists to\nsupposedly prevent the tearing down of the underlying live page table,\nthe time window covered by that precaution isn\u0027t large enough.\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
          "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
          "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
          "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-34322",
          "url": "https://www.suse.com/security/cve/CVE-2023-34322"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215145 for CVE-2023-34322",
          "url": "https://bugzilla.suse.com/1215145"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.3:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-devel-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-doc-html-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-32bit-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-libs-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.aarch64",
            "openSUSE Leap 15.4:xen-tools-domU-4.16.5_04-150400.4.34.1.x86_64",
            "openSUSE Leap 15.4:xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-27T17:16:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-34322"
    }
  ]
}

CVE-2023-20588 (GCVE-0-2023-20588)

Vulnerability from cvelistv5

Published

2023-08-08 17:06

Modified

2024-10-17 14:23

Severity ?

Summary

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

References

►

URL

Tags

	https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007	vendor-advisory
	https://www.debian.org/security/2023/dsa-5480
	https://www.debian.org/security/2023/dsa-5492
	http://www.openwall.com/lists/oss-security/2023/09/25/3
	http://www.openwall.com/lists/oss-security/2023/09/25/4
	http://xenbits.xen.org/xsa/advisory-439.html
	http://www.openwall.com/lists/oss-security/2023/09/25/5
	http://www.openwall.com/lists/oss-security/2023/09/25/8
	http://www.openwall.com/lists/oss-security/2023/09/25/7
	http://www.openwall.com/lists/oss-security/2023/09/26/5
	http://www.openwall.com/lists/oss-security/2023/09/26/8
	http://www.openwall.com/lists/oss-security/2023/09/26/9
	http://www.openwall.com/lists/oss-security/2023/09/27/1
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/
	http://www.openwall.com/lists/oss-security/2023/10/03/14
	http://www.openwall.com/lists/oss-security/2023/10/03/9
	http://www.openwall.com/lists/oss-security/2023/10/03/15
	http://www.openwall.com/lists/oss-security/2023/10/03/12
	http://www.openwall.com/lists/oss-security/2023/10/03/13
	http://www.openwall.com/lists/oss-security/2023/10/03/16
	http://www.openwall.com/lists/oss-security/2023/10/04/1
	http://www.openwall.com/lists/oss-security/2023/10/04/2
	http://www.openwall.com/lists/oss-security/2023/10/04/4
	http://www.openwall.com/lists/oss-security/2023/10/04/3
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/
	https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
	https://security.netapp.com/advisory/ntap-20240531-0005/

Impacted products

Vendor

Product

Version

►

AMD

EPYC™ 7001 Processors

Version: various

AMD	Athlon™ 3000 Series Processors with Radeon™ Graphics	Version: various
AMD	Ryzen™ 3000 Series Processors with Radeon™ Graphics	Version: various
AMD	Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics	Version: Various
AMD	Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics	Version: various

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.921Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5480"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5492"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-439.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20588",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-17T14:23:03.408701Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-17T14:23:18.239Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": " ",
          "platforms": [
            "x86"
          ],
          "product": "EPYC\u2122 7001 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various "
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "platforms": [
            "x86"
          ],
          "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various "
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": " ",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various "
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "platforms": [
            "x86"
          ],
          "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics ",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "Various "
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "platforms": [
            "x86"
          ],
          "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various "
            }
          ]
        }
      ],
      "datePublic": "2023-08-08T16:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u0026nbsp;\n\n\n\n\n\n\n\n"
            }
          ],
          "value": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u00a0\n\n\n\n\n\n\n\n"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T17:06:30.065Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5480"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5492"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
        },
        {
          "url": "http://xenbits.xen.org/xsa/advisory-439.html"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
        }
      ],
      "source": {
        "advisory": "AMD-SB-7007",
        "discovery": "UNKNOWN"
      },
      "title": "Speculative Leaks",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20588",
    "datePublished": "2023-08-08T17:06:30.065Z",
    "dateReserved": "2022-10-27T18:53:39.759Z",
    "dateUpdated": "2024-10-17T14:23:18.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-34322 (GCVE-0-2023-34322)

Vulnerability from cvelistv5

Published

2024-01-05 16:18

Modified

2025-06-16 18:28

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on the shadow of the guest root page table. In the course of dealing with shortage of memory in the shadow pool associated with a domain, shadows of page tables may be torn down. This tearing down may include the shadow root page table that the CPU in question is presently running on. While a precaution exists to supposedly prevent the tearing down of the underlying live page table, the time window covered by that precaution isn't large enough.

References

►

URL

	Vendor	Product	Version
	Xen	Xen

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:3832-1

Vulnerability from csaf_suse

CVE-2023-20588 (GCVE-0-2023-20588)

Vulnerability from cvelistv5

CVE-2023-34322 (GCVE-0-2023-34322)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature