FEDORA-2019-ca856b52ca

security update in Fedora 28 for xen

Status: obsolete

update to xen-4.10.3


  • insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275] (#1651665)
  • x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279]
  • Fix for XSA-240 conflicts with shadow paging [XSA-280]

guest use of HLE constructs may lock up host [XSA-282]

Comments 4

This update has been submitted for testing by myoung.

This update has obsoleted xen-4.10.2-4.fc28, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has been obsoleted by xen-4.10.3-2.fc28.

Content Type
RPM
Status
obsolete
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 5 months ago
in testing 5 months ago

Related Bugs 6

00 #1647573 CVE-2018-19961 CVE-2018-19962 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs
00 #1647588 CVE-2018-19965 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
00 #1651665 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs [fedora-all]
00 #1651970 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses [fedora-all]
00 #1652235 CVE-2018-19966 xsa280 xen: Conflicts with shadow paging due to XSA-240 incomplete fix (XSA-280)
00 #1652251 CVE-2018-19963 CVE-2018-19964 CVE-2018-19966 xen: various flaws [fedora-all]

Automated Test Results