FEDORA-2018-2fde555d91

security update in Fedora 29 for xen

Status: stable 8 months ago

insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275] (#1651665) resource accounting issues in x86 IOREQ server handling [XSA-276] x86: incorrect error handling for guest p2m page removals [XSA-277] x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279] Fix for XSA-240 conflicts with shadow paging [XSA-280]

How to install

sudo dnf upgrade --advisory=FEDORA-2018-2fde555d91

Comments 12

This update has been submitted for testing by myoung.

This update has been pushed to testing.

Works great! LGTM! =)

karma: +1

myoung edited this update.

works for me

karma: +1

myoung edited this update.

myoung edited this update.

myoung edited this update.

works fine

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 8 months ago
in testing 8 months ago
in stable 8 months ago
modified 8 months ago

Related Bugs 8

00 #1647573 CVE-2018-19961 CVE-2018-19962 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs
00 #1647588 CVE-2018-19965 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
00 #1651665 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs [fedora-all]
00 #1651970 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses [fedora-all]
00 #1652227 xsa277 xen: x86: incorrect error handling for guest p2m page removals (XSA-277)
00 #1652231 xsa276 xen: resource accounting issues in x86 IOREQ server handling (XSA-276)
00 #1652235 CVE-2018-19966 xsa280 xen: Conflicts with shadow paging due to XSA-240 incomplete fix (XSA-280)
00 #1652251 CVE-2018-19963 CVE-2018-19964 CVE-2018-19966 xen: various flaws [fedora-all]

Automated Test Results