FEDORA-2019-bce6498890 created by myoung a year ago for Fedora 28
stable

xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294]


update to xen-4.10.3


  • insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275] (#1651665)
  • x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279]
  • Fix for XSA-240 conflicts with shadow paging [XSA-280]

guest use of HLE constructs may lock up host [XSA-282]

How to install

sudo dnf upgrade --advisory=FEDORA-2019-bce6498890

This update has been submitted for testing by myoung.

a year ago

This update has obsoleted xen-4.10.3-1.fc28, and has inherited its bugs and notes.

a year ago

This update has been pushed to testing.

a year ago
User Icon pwalter commented & provided feedback a year ago
karma

Works

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

a year ago

This update has been submitted for batched by myoung.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1647573 CVE-2018-19961 CVE-2018-19962 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs
0
0
BZ#1647588 CVE-2018-19965 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
0
0
BZ#1651665 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs [fedora-all]
0
0
BZ#1651970 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses [fedora-all]
0
0
BZ#1652235 CVE-2018-19966 xsa280 xen: Conflicts with shadow paging due to XSA-240 incomplete fix (XSA-280)
0
0
BZ#1652251 CVE-2018-19963 CVE-2018-19964 CVE-2018-19966 xen: various flaws [fedora-all]
0
0
BZ#1679321 xen: xsa288: Inconsistent PV IOMMU discipline
0
0
BZ#1679326 xen: xsa292: insufficient TLB flushing when using PCID
0
0
BZ#1679327 xen: xsa293: PV kernel context switch corruption
0
0
BZ#1679328 xen: xsa287: steal_page violates page_struct access discipline
0
0
BZ#1679332 xen: xsa285: race with pass-through device hotplug
0
0
BZ#1679334 xen: xsa290: missing preemption in x86 PV page table unvalidation
0
0
BZ#1683956 xen: xsa294: Insufficient TLB flushing when using PCID
0
0
BZ#1685568 xen: xsa284: grant table transfer issues on large hosts
0
0
BZ#1685570 xen: xsa291: x86/PV: page type reference counting issue with failed IOMMU update
0
0
BZ#1685577 xen: various flaws [fedora-all]
0
0

Automated Test Results