Alpine: xen: security update to 4.18.3-r0

high Tenable Cloud Security Plugin ID 408487

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive
interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in
one go. In this handling an error path could be taken in different situations, with or without a
particular lock held. This error path wrongly releases the lock even when it is not currently held.
(CVE-2024-31143)

- Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory
Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for
platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a
device associated with such a region is active, the mappings of these regions need to remain continuouly
accessible by the device. In the logic establishing these mappings, error handling was flawed, resulting
in such mappings to potentially remain in place when they should have been removed again. Respective
guests would then gain access to memory regions which they aren't supposed to have access to.
(CVE-2024-31145)

- In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in
a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is
possible to configure the error interrupt with an illegal vector, which generates an error when an error
interrupt is raised. This case causes Xen to recurse through vlapic_error(). The recursion itself is
bounded; errors accumulate in the the status register and only generate an interrupt when a new status bit
becomes set. However, the lock protecting this state in Xen will try to be taken recursively, and
deadlock. (CVE-2024-45817)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-31143

https://security.alpinelinux.org/vuln/CVE-2024-31145

https://security.alpinelinux.org/vuln/CVE-2024-45817

Plugin Details

Severity: High

ID: 408487

Version: Revision 1.39

Type: Local

Published: 8/21/2024

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 94.5

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-31143

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2024-31145

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/16/2024

Reference Information

CVE: CVE-2024-31143, CVE-2024-31145, CVE-2024-45817

IAVB: 2024-B-0095-S