SUSE-IU-2025:3939-1: Security update of suse/sl-micro/6.2/kvm-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Dec 17 08:18:36 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.2/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3939-1
Image Tags : suse/sl-micro/6.2/kvm-os-container:2.3.0 , suse/sl-micro/6.2/kvm-os-container:2.3.0-6.16 , suse/sl-micro/6.2/kvm-os-container:latest
Image Release : 6.16
Severity : critical
Type : security
References : 1027519 1214718 1218851 1219080 1219885 1221332 1221334 1221984
1222302 1222453 1225953 1227355 1228574 1228575 CVE-2023-28746
CVE-2023-46839 CVE-2023-46840 CVE-2023-46841 CVE-2023-46842 CVE-2024-2193
CVE-2024-2201 CVE-2024-31142 CVE-2024-31143 CVE-2024-31145 CVE-2024-31146
-----------------------------------------------------------------
The container suse/sl-micro/6.2/kvm-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 108
Released: Mon Feb 3 10:11:08 2025
Summary: Security update for xen
Type: security
Severity: critical
References: 1027519,1214718,1218851,1219080,1219885,1221332,1221334,1221984,1222302,1222453,1225953,1227355,1228574,1228575,CVE-2023-28746,CVE-2023-46839,CVE-2023-46840,CVE-2023-46841,CVE-2023-46842,CVE-2024-2193,CVE-2024-2201,CVE-2024-31142,CVE-2024-31143,CVE-2024-31145,CVE-2024-31146
This update for xen fixes the following issues:
- Update to Xen 4.18.3 security bug fix release (bsc#1027519)
* No upstream changelog found in sources or webpage
- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86
IOMMU identity mapping (XSA-460)
- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through
with shared resources (XSA-461)
- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
guest IRQ handling (XSA-458)
- bsc#1214718 - The system hangs intermittently when Power Control
Mode is set to Minimum Power on SLES15SP5 Xen
- Upstream bug fixes (bsc#1027519)
- bsc#1225953 - Package xen does not build with gcc14 because of
new errors
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- Upstream bug fixes (bsc#1027519)
- Update to Xen 4.18.2 security bug fix release (bsc#1027519)
xen-4.18.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
Race Conditions (XSA-453)
- Update to Xen 4.18.1 bug fix release (bsc#1027519)
xen-4.18.1-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
Sampling (XSA-452)
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
Race Conditions (XSA-453)
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
exceptions from emulation stubs (XSA-451)
- Upstream bug fixes (bsc#1027519)
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
assigned to incorrect contexts (XSA-449)
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
quarantine devices in !HVM builds (XSA-450)
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
quarantine devices in !HVM builds (XSA-450)
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
assigned to incorrect contexts (XSA-449)
The following package changes have been done:
- libldap-data-2.6.10+10-160000.3.1 updated
- libldap-2-2.6.10+10-160000.3.1 updated
- container:suse-sl-micro-6.2-base-os-container-latest-35e6f9297d3fe36d402319e557c36610be85b6863f587e592155d3a6740f8c35-0 updated
More information about the sle-container-updates
mailing list