stable

xen-4.9.1-5.fc27

FEDORA-2018-c553a586c8 created by myoung 7 years ago for Fedora 27

add Xen page-table isolation (XPTI) mitigation and Branch Target Injection (BTI) mitigation for XSA-254 DoS via non-preemptable L3/L4 pagetable freeing [XSA-252] (#1549568) grant table v2 -> v1 transition may crash Xen [XSA-255] (#1549570) x86 PVH guest without LAPIC may DoS the host [XSA-256] (#1549572)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-c553a586c8

This update has been submitted for testing by myoung.

7 years ago

This update has been pushed to testing.

7 years ago
User Icon nucleo commented 7 years ago

Dom0 boots notably slower. Is there nopti kernel option analogue for Xen page-table isolation?

User Icon nucleo commented 7 years ago

Looks like a bit faster boot with xpti=false.

User Icon mhayden commented & provided feedback 7 years ago
karma

No issues.

User Icon cserpentis commented & provided feedback 7 years ago
karma

works for me

User Icon filiperosset commented & provided feedback 7 years ago
karma

no regressions noted

This update has been submitted for batched by bodhi.

7 years ago

This update has been submitted for stable by bodhi.

7 years ago

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
Builds
1
xen-4.9.1-5.fc27
BZ#1544453 CVE-2018-7542 xsa256 xen: x86 PVH guest without LAPIC may DoS the host (XSA-256)
0
0
BZ#1544456 CVE-2018-7540 xsa252 xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252)
0
0
BZ#1544459 CVE-2018-7541 xsa255 xen: grant table v2 -> v1 transition may crash Xen (XSA-255)
0
0
BZ#1549568 CVE-2018-7540 xen: xsa252 xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) [fedora-all]
0
0
BZ#1549570 CVE-2018-7541 xen: xsa255 xen: grant table v2 -> v1 transition may crash Xen (XSA-255) [fedora-all]
0
0
BZ#1549572 CVE-2018-7542 xen: xsa256 xen: x86 PVH guest without LAPIC may DoS the host (XSA-256) [fedora-all]
0
0
xen-4.9.1-5.fc27

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-rvwvq.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy