SUSE-IU-2024:1942-1: Security update of suse/sl-micro/6.0/rt-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Dec 4 08:04:19 UTC 2024 

SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1942-1
Image Tags        : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-5.18 , suse/sl-micro/6.0/rt-os-container:latest
Image Release     : 5.18
Severity          : critical
Type              : security
References        : 1027519 1207377 1214718 1216320 1218474 1218851 1219080 1219503
                        1219885 1221332 1221334 1221984 1222302 1222453 1224788 1225365
                        1225953 1226321 1227355 1228142 1228574 1228575 1230679 1231500
                        1232211 CVE-2022-45748 CVE-2023-28746 CVE-2023-32324 CVE-2023-32360
                        CVE-2023-34241 CVE-2023-4504 CVE-2023-46839 CVE-2023-46840 CVE-2023-46841
                        CVE-2023-46842 CVE-2024-2193 CVE-2024-2201 CVE-2024-31142 CVE-2024-31143
                        CVE-2024-31145 CVE-2024-31146 CVE-2024-35195 CVE-2024-35235 CVE-2024-40724
                        CVE-2024-45679 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE_ALP_Source_Standard_Core_1.0_Build
Released:    Mon Nov 25 14:51:40 2024
Summary:     Security update for xen
Type:        security
Severity:    critical
References:  1027519,1207377,1214718,1216320,1218474,1218851,1219080,1219503,1219885,1221332,1221334,1221984,1222302,1222453,1224788,1225365,1225953,1226321,1227355,1228142,1228574,1228575,1230679,1231500,1232211,CVE-2022-45748,CVE-2023-28746,CVE-2023-32324,CVE-2023-32360,CVE-2023-34241,CVE-2023-4504,CVE-2023-46839,CVE-2023-46840,CVE-2023-46841,CVE-2023-46842,CVE-2024-2193,CVE-2024-2201,CVE-2024-31142,CVE-2024-31143,CVE-2024-31145,CVE-2024-31146,CVE-2024-35195,CVE-2024-35235,CVE-2024-40724,CVE-2024-45679
This update for xen fixes the following issues:

- Update to Xen 4.18.3 security bug fix release (bsc#1027519)
  * No upstream changelog found in sources or webpage
- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86
  IOMMU identity mapping (XSA-460)
- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through
  with shared resources (XSA-461)
- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
  guest IRQ handling (XSA-458)
- bsc#1214718 - The system hangs intermittently when Power Control
  Mode is set to Minimum Power on SLES15SP5 Xen
- Upstream bug fixes (bsc#1027519)

- bsc#1225953 - Package xen does not build with gcc14 because of
  new errors
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
  trigger Xen bug check (XSA-454)
- Upstream bug fixes (bsc#1027519)

- Update to Xen 4.18.2 security bug fix release (bsc#1027519)
  xen-4.18.2-testing-src.tar.bz2
  * No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
  trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
  for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
  History Injection (XSA-456)
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
  Race Conditions (XSA-453)

- Update to Xen 4.18.1 bug fix release (bsc#1027519)
  xen-4.18.1-testing-src.tar.bz2
  * No upstream changelog found in sources or webpage
- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
  Sampling (XSA-452)
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
  Race Conditions (XSA-453)
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
  exceptions from emulation stubs (XSA-451)

- Upstream bug fixes (bsc#1027519)
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
  assigned to incorrect contexts (XSA-449)
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
  quarantine devices in !HVM builds (XSA-450)
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
  quarantine devices in !HVM builds (XSA-450)
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
  assigned to incorrect contexts (XSA-449)


The following package changes have been done:

- SL-Micro-release-6.0-24.28 updated
- elemental-register-1.6.6-1.1 updated
- elemental-support-1.6.6-1.1 updated
- container:SL-Micro-container-2.1.3-4.17 updated

More information about the sle-container-updates mailing list