FEDORA-2020-76cf2b0f0a — security update for xen

stable

xen-4.12.3-3.fc31

FEDORA-2020-76cf2b0f0a created by myoung 4 years ago for Fedora 31

incorrect error handling in event channel port allocation leads to DoS [XSA-317, CVE-2020-15566] (#1854465) inverted code paths in x86 dirty VRAM tracking leads to DoS [XSA-319, CVE-2020-15563] (#1854463) xen: insufficient cache write-back under VT-d leads to DoS [XSA-321, CVE-2020-15565] (#1854467) missing alignment check in VCPUOP_register_vcpu_info leads to DoS [XSA-327, CVE-2020-15564] (#1854458) non-atomic modification of live EPT PTE leads to DoS [XSA-328, CVE-2020-15567] (#1854464)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2020-76cf2b0f0a

This update has been submitted for testing by myoung.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update's test gating status has been changed to 'waiting'.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update has been pushed to testing.

4 years ago

This update can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

4 years ago

in testing

4 years ago

in stable

4 years ago

Builds

xen-4.12.3-3.fc31

BZ#1851470 CVE-2020-15564 xen: missing alignment check in VCPUOP_register_vcpu_info leads to DoS (XSA-327)

BZ#1851471 CVE-2020-15563 xen: inverted code paths in x86 dirty VRAM tracking leads to DoS (XSA-319)

BZ#1851472 CVE-2020-15567 xen: non-atomic modification of live EPT PTE leads to DoS (XSA-328)

BZ#1851474 CVE-2020-15566 xen: incorrect error handling in event channel port allocation leads to DoS (XSA-317)

BZ#1851475 CVE-2020-15565 xen: insufficient cache write-back under VT-d leads to DoS (XSA-321)

BZ#1854458 CVE-2020-15564 xen: missing alignment check in VCPUOP_register_vcpu_info leads to DoS (XSA-327) [fedora-all]

BZ#1854463 CVE-2020-15563 xen: inverted code paths in x86 dirty VRAM tracking leads to DoS (XSA-319) [fedora-all]

BZ#1854464 CVE-2020-15567 xen: non-atomic modification of live EPT PTE leads to DoS (XSA-328) [fedora-all]

BZ#1854465 CVE-2020-15566 xen: incorrect error handling in event channel port allocation leads to DoS (XSA-317) [fedora-all]

BZ#1854467 CVE-2020-15565 xen: insufficient cache write-back under VT-d leads to DoS (XSA-321) [fedora-all]

xen-4.12.3-3.fc31

Automated Test Results

ignored