[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2022:3665-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":123,"epss":9,"epss_history":124,"metrics":125,"affected":126},"SUSE-SU-2022:3665-1","Security update for xen\n\nThis update for xen fixes the following issues:\n                                                                                                                                                                          \n  - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).                                                                                     \n  - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).\n  - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762).\n  - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762).\n  - CVE-2022-33741: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762).\n  - CVE-2022-33742: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762).\n  - CVE-2022-33745: Fixed an insufficient TLB flush for x86 PV guests in shadow mode (bsc#1201394).\n  - CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim) 32-bit PV guests (bsc#1185104).\n\n  Bugfixes:                                                                                                                                                               \n                                                                                                                                                                          \n  - Fixed logic error in built-in default of max_event_channels (bsc#1167608, bsc#1201631). \n  - Fixed issue where dom0 fails to boot with constrained vcpus and nodes (bsc#1197081).\n  - Included upstream bugfixes (bsc#1027519).\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2021-28689",{"_key":17},"CVE-2022-26365",{"_key":19},"CVE-2022-33740",{"_key":21},"CVE-2022-33741",{"_key":23},"CVE-2022-33742",{"_key":25},"CVE-2022-33745",{"_key":27},"CVE-2022-33746",{"_key":29},"CVE-2022-33748",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2022-10-19T18:29:23Z","2026-02-04T03:26:38.780658Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,53,58,62,66,70,74,78,82,86,90,95,99,103,107,111,115,119],{"url":47,"sources":48,"tags":51},"https://www.suse.com/support/update/announcement/2022/suse-su-20223665-1/",[49,50],"osv_suse","osv_opensuse",[52],"Advisory",{"url":54,"sources":55,"tags":56},"https://bugzilla.suse.com/1027519",[49,50],[57],"REPORT",{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1167608",[49,50],[57],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1185104",[49,50],[57],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1197081",[49,50],[57],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1200762",[49,50],[57],{"url":75,"sources":76,"tags":77},"https://bugzilla.suse.com/1201394",[49,50],[57],{"url":79,"sources":80,"tags":81},"https://bugzilla.suse.com/1201631",[49,50],[57],{"url":83,"sources":84,"tags":85},"https://bugzilla.suse.com/1203806",[49,50],[57],{"url":87,"sources":88,"tags":89},"https://bugzilla.suse.com/1203807",[49,50],[57],{"url":91,"sources":92,"tags":93},"https://www.suse.com/security/cve/CVE-2021-28689",[49,50],[94],"WEB",{"url":96,"sources":97,"tags":98},"https://www.suse.com/security/cve/CVE-2022-26365",[49,50],[94],{"url":100,"sources":101,"tags":102},"https://www.suse.com/security/cve/CVE-2022-33740",[49,50],[94],{"url":104,"sources":105,"tags":106},"https://www.suse.com/security/cve/CVE-2022-33741",[49,50],[94],{"url":108,"sources":109,"tags":110},"https://www.suse.com/security/cve/CVE-2022-33742",[49,50],[94],{"url":112,"sources":113,"tags":114},"https://www.suse.com/security/cve/CVE-2022-33745",[49,50],[94],{"url":116,"sources":117,"tags":118},"https://www.suse.com/security/cve/CVE-2022-33746",[49,50],[94],{"url":120,"sources":121,"tags":122},"https://www.suse.com/security/cve/CVE-2022-33748",[49,50],[94],[],[],[],[127,140,144,150,154,158],{"ecosystem":128,"name":129,"vendor":130,"product":131,"cpe_part":9,"purl_type":132,"purl_namespace":130,"purl_name":131,"source":9,"versions":133},"openSUSE","xen","opensuse","xen&distro=openSUSE Leap 15.3","rpm",[134],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9},"lt4_14_5_06_150300_3_35_1",true,"ecosystem","4.14.5_06-150300.3.35.1","excluding",{"ecosystem":128,"name":129,"vendor":130,"product":141,"cpe_part":9,"purl_type":132,"purl_namespace":130,"purl_name":141,"source":9,"versions":142},"xen&distro=openSUSE Leap Micro 5.2",[143],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9},{"ecosystem":145,"name":129,"vendor":146,"product":147,"cpe_part":9,"purl_type":132,"purl_namespace":146,"purl_name":147,"source":9,"versions":148},"SUSE Linux Enterprise","suse","xen&distro=SUSE Linux Enterprise Micro 5.1",[149],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9},{"ecosystem":145,"name":129,"vendor":146,"product":151,"cpe_part":9,"purl_type":132,"purl_namespace":146,"purl_name":151,"source":9,"versions":152},"xen&distro=SUSE Linux Enterprise Micro 5.2",[153],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9},{"ecosystem":145,"name":129,"vendor":146,"product":155,"cpe_part":9,"purl_type":132,"purl_namespace":146,"purl_name":155,"source":9,"versions":156},"xen&distro=SUSE Linux Enterprise Module for Basesystem 15 SP3",[157],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9},{"ecosystem":145,"name":129,"vendor":146,"product":159,"cpe_part":9,"purl_type":132,"purl_namespace":146,"purl_name":159,"source":9,"versions":160},"xen&distro=SUSE Linux Enterprise Module for Server Applications 15 SP3",[161],{"version":135,"is_range":136,"range_type":137,"version_start":9,"version_start_type":9,"version_end":138,"version_end_type":139,"fixed_in":9}]