vulnerability
SUSE: CVE-2024-31146: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:M/C:C/I:C/A:C) | Aug 21, 2024 | Aug 22, 2024 | Dec 5, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:M/C:C/I:C/A:C)
Published
Aug 21, 2024
Added
Aug 22, 2024
Modified
Dec 5, 2025
Description
When multiple devices share resources and one of them is to be passed
through to a guest, security of the entire system and of respective
guests individually cannot really be guaranteed without knowing
internals of any of the involved guests. Therefore such a configuration
cannot really be security-supported, yet making that explicit was so far
missing.
Resources the sharing of which is known to be problematic include, but
are not limited to
- - PCI Base Address Registers (BARs) of multiple devices mapping to the
same page (4k on x86),
- - INTx lines.
Solutions
suse-upgrade-xensuse-upgrade-xen-develsuse-upgrade-xen-libssuse-upgrade-xen-toolssuse-upgrade-xen-tools-domususe-upgrade-xen-tools-xendomains-wait-disk
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.