stable

FEDORA-2019-cbb732f760 created by myoung 2 years ago for Fedora 30

add missing XSA-299 patches x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135]


VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (#1767726) add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (#1767731) ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422]

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2019-cbb732f760

This update has been submitted for testing by myoung.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update has obsoleted xen-4.11.2-2.fc30, and has inherited its bugs and notes.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon pwalter commented & provided feedback 2 years ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1765043 CVE-2019-18421 xen: a malicious PV guest administrator may be able to escalate their privilege to that of the host
0
0
BZ#1767726 CVE-2019-18421 xen: a malicious PV guest administrator may be able to escalate their privilege to that of the host [fedora-all]
0
0
BZ#1767730 CVE-2019-18424 xen: passed through PCI devices may corrupt host memory after deassignment leading to privilege escalation
0
0
BZ#1767731 CVE-2019-18424 xen: passed through PCI devices may corrupt host memory after deassignment leading to privilege escalation [fedora-all]
0
0
BZ#1771340 CVE-2019-18425 xen: missing descriptor table limit checking in x86 PV emulation leading to privilege escalation
0
0
BZ#1771341 CVE-2019-18425 xen: missing descriptor table limit checking in x86 PV emulation leading to privilege escalation [fedora-all]
0
0
BZ#1771344 CVE-2019-18423 xen: add-to-physmap can be abused to DoS Arm hosts
0
0
BZ#1771345 CVE-2019-18423 xen: add-to-physmap can be abused to DoS Arm hosts [fedora-all]
0
0
BZ#1771366 CVE-2019-18420 xen: allows guest OS users to cause denial of service via VCPUOP_initialise hypercall
0
0
BZ#1771368 CVE-2019-18420 xen: allows guest OS users to cause denial of service via VCPUOP_initialise hypercall [fedora-all]
0
0
BZ#1771442 CVE-2019-18422 xen: ARM: Interrupts are unconditionally unmasked in exception handlers
0
0
BZ#1771443 CVE-2019-18422 xen: ARM: Interrupts are unconditionally unmasked in exception handlers [fedora-all]
0
0

Automated Test Results