FEDORA-2018-1a467757ce

security update in Fedora 27 for xen

Status: stable 10 months ago

preemption checks bypassed in x86 PV MM handling [XSA-264, CVE-2018-12891] x86: #DB exception safety check can be triggered by a guest [XSA-265, CVE-2018-12893] libxl fails to honour readonly flag on HVM emulated SCSI disks [XSA-266, CVE-2018-12892]


Speculative register leakage from lazy FPU context switching [XSA-267, CVE-2018-3665] fix for change in iasl output

How to install

sudo dnf upgrade --advisory=FEDORA-2018-1a467757ce

Comments 8

This update has been submitted for testing by myoung.

This update has obsoleted xen-4.9.2-5.fc27, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by myoung.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1590979 CVE-2018-12893 xen: x86 DB exception safety check can be triggered by a guest (XSA-265)
#1590984 CVE-2018-12892 xsa-266 xen: libxl fails to honour readonly flag on HVM emulated SCSI disks
#1590985 CVE-2018-12891 xen: preemption checks bypassed in x86 PV MM handling (XSA-264)
#1595957 CVE-2018-12892 xen: xsa-266 xen: libxl fails to honour readonly flag on HVM emulated SCSI disks [fedora-all]
#1595958 CVE-2018-12893 xen: x86 DB exception safety check can be triggered by a guest (XSA-265) [fedora-all]
#1595959 CVE-2018-12891 xen: preemption checks bypassed in x86 PV MM handling (XSA-264) [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 11 months ago
in testing 11 months ago
in stable 10 months ago

Related Bugs 6

00 #1590979 CVE-2018-12893 xen: x86 DB exception safety check can be triggered by a guest (XSA-265)
00 #1590984 CVE-2018-12892 xsa-266 xen: libxl fails to honour readonly flag on HVM emulated SCSI disks
00 #1590985 CVE-2018-12891 xen: preemption checks bypassed in x86 PV MM handling (XSA-264)
00 #1595957 CVE-2018-12892 xen: xsa-266 xen: libxl fails to honour readonly flag on HVM emulated SCSI disks [fedora-all]
00 #1595958 CVE-2018-12893 xen: x86 DB exception safety check can be triggered by a guest (XSA-265) [fedora-all]
00 #1595959 CVE-2018-12891 xen: preemption checks bypassed in x86 PV MM handling (XSA-264) [fedora-all]

Automated Test Results