Updated xen packages fix security vulnerability
Publication date: 06 Mar 2020Modification date: 06 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2018-12207 , CVE-2019-11135 , CVE-2019-17349 , CVE-2019-17349 , CVE-2019-17350 , CVE-2019-18420 , CVE-2019-18421 , CVE-2019-18422 , CVE-2019-18423 , CVE-2019-18424 , CVE-2019-18425
Description
- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods [XSA-306] - x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207] - TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135] - VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (rhbz#1771368) - missing descriptor table limit checking in x86 PV emulation [XSA-298, CVE-2019-18425] (rhbz#1771341) - Issues with restartable PV type change operations [XSA-299, CVE-2019-18421] (rhbz#1767726) - add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423] (rhbz#1771345) - passed through PCI devices may corrupt host memory after deassignment [XSA-302, CVE-2019-18424] (rhbz#1767731) - ARM: Interrupts are unconditionally unmasked in exception handlers [XSA-303, CVE-2019-18422] (rhbz#1771443) - Unlimited Arm Atomics Operations [XSA-295, CVE-2019-17349, CVE-2019-17350] (rhbz#1720760) - fix HVM DomU boot on some chipsets - adjust grub2 workaround
References
- https://bugs.mageia.org/show_bug.cgi?id=25782
- https://xenbits.xen.org/xsa/advisory-295.html
- https://xenbits.xen.org/xsa/advisory-296.html
- https://xenbits.xen.org/xsa/advisory-298.html
- https://xenbits.xen.org/xsa/advisory-299.html
- https://xenbits.xen.org/xsa/advisory-301.html
- https://xenbits.xen.org/xsa/advisory-302.html
- https://xenbits.xen.org/xsa/advisory-303.html
- https://xenbits.xen.org/xsa/advisory-304.html
- https://xenbits.xen.org/xsa/advisory-305.html
- https://xenbits.xen.org/xsa/advisory-306.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12207
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17349
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17349
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17350
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18420
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18421
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18422
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18423
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18424
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18425
SRPMS
7/core
- xen-4.12.1-1.mga7