Summary: | <app-emulation/xen-{4.14.3,4.15.1}: race in XENMAPSPACE_grant_table (CVE-2021-28701) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | flow, hydrapolic, proxy-maint, xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://xenbits.xen.org/xsa/advisory-384.html | ||
See Also: | https://github.com/gentoo/gentoo/pull/22270 | ||
Whiteboard: | B4 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 810341 | ||
Bug Blocks: |
Description
John Helmert III
2021-09-10 19:28:42 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4f2c2f779b6943e83e77b248b567c1e1d840c137 commit 4f2c2f779b6943e83e77b248b567c1e1d840c137 Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2021-09-11 11:01:18 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-09-18 09:49:58 +0000 app-emulation/xen: bump to 4.14.3/4.15.1 Bug: https://bugs.gentoo.org/812485 Bug: https://bugs.gentoo.org/810341 Closes: https://bugs.gentoo.org/800935 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/22270 Signed-off-by: Joonas Niilola <juippis@gentoo.org> app-emulation/xen/Manifest | 2 + app-emulation/xen/files/xen-4.15-flask.patch | 13 +++ app-emulation/xen/xen-4.14.3.ebuild | 167 +++++++++++++++++++++++++++ app-emulation/xen/xen-4.15.1.ebuild | 167 +++++++++++++++++++++++++++ 4 files changed, 349 insertions(+) This is done, tree clean. GLSA request filed GLSA done, all done. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=22bc39ed12fa34e39fcf5a2559a7f2135d98e1b1 commit 22bc39ed12fa34e39fcf5a2559a7f2135d98e1b1 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 14:28:39 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-14 14:33:57 +0000 [ GLSA 202208-23 ] Xen: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/810341 Bug: https://bugs.gentoo.org/812485 Bug: https://bugs.gentoo.org/816882 Bug: https://bugs.gentoo.org/825354 Bug: https://bugs.gentoo.org/832039 Bug: https://bugs.gentoo.org/835401 Bug: https://bugs.gentoo.org/850802 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-23.xml | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) |