XSA-361/CVE-2021-26932 (https://xenbits.xenproject.org/xsa/advisory-361.html): A malicious or buggy frontend driver may be able to crash the corresponding backend driver, causing a denial of service potentially affecting the entire domain running the backend driver. A malicious or buggy frontend driver may be able to cause resource leaks in the domain running the corresponding backend driver, leading to a denial of service. XSA-362/CVE-2021-26931 (https://xenbits.xenproject.org/xsa/advisory-362.html): A malicious or buggy frontend driver may be able to crash the corresponding backend driver, potentially affecting the entire domain running the backend driver. XSA-363/CVE-2021-26934 (https://xenbits.xenproject.org/xsa/advisory-363.html): The backend allocation mode of Linux'es drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry. Use of the feature may have unknown effects. XSA-364/CVE-2021-26933 (https://xenbits.xenproject.org/xsa/advisory-364.html): A malicious guest may be able to read sensitive data from memory that previously belonged to another guest. XSA-365/CVE-2021-26930 (https://xenbits.xenproject.org/xsa/advisory-365.html): A malicious or buggy frontend driver may be able to crash the corresponding backend driver, potentially affecting the entire domain running the backend driver. In configurations without driver domains or similar disaggregation, that is a host-wide denial of sevice. Privilege escalation and information leaks cannot be ruled out. Patches at advisory URLs. Please bump.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e79e7791eb59e8afeb86e1ef75d5b955492c2e06 commit e79e7791eb59e8afeb86e1ef75d5b955492c2e06 Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2021-02-19 13:33:20 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-02-21 16:07:56 +0000 app-emulation/xen: add security patches Fixes XSA-364. Bug: https://bugs.gentoo.org/742272 Bug: https://bugs.gentoo.org/771117 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> app-emulation/xen/Manifest | 2 + app-emulation/xen/xen-4.13.2-r5.ebuild | 165 +++++++++++++++++++++++++++++++++ app-emulation/xen/xen-4.14.1-r1.ebuild | 165 +++++++++++++++++++++++++++++++++ 3 files changed, 332 insertions(+)
Only patched for XSA-364? Are we unaffected for the other issues?
(In reply to John Helmert III (ajak) from comment #2) > Only patched for XSA-364? Are we unaffected for the other issues? The others are fixed in the kernel itself.
The fixes for 361,362,365 are in the queue, so for instance 5.4.100 will probably have the fixes. XSA-361 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-arm-don-t-ignore-return-errors-from-set_phys_to_machine.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-gntdev-correct-dev_bus_addr-handling-in-gntdev_map_grant_pages.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-gntdev-correct-error-checking-in-gntdev_map_grant_pages.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-x86-also-check-kernel-mapping-in-set_foreign_p2m_mapping.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-x86-don-t-bail-early-from-clear_foreign_p2m_mapping.patch XSA-362 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-blkback-don-t-handle-error-by-bug.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-netback-don-t-handle-error-by-bug.patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-scsiback-don-t-handle-error-by-bug.patch XSA-365 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/xen-blkback-fix-error-handling-in-xen_blkbk_map.patch
Fixes included in kernels: 5.10.18 5.4.100 4.19.177 4.14.222 4.9.258 4.4.258
(In reply to Tomáš Mózes from comment #5) > Fixes included in kernels: > 5.10.18 > 5.4.100 > 4.19.177 > 4.14.222 > 4.9.258 > 4.4.258 Thanks! Downgrading to B4 since XSA-364 seems to just be information disclosure.
(In reply to John Helmert III (ajak) from comment #6) > (In reply to Tomáš Mózes from comment #5) > > Fixes included in kernels: > > 5.10.18 > > 5.4.100 > > 4.19.177 > > 4.14.222 > > 4.9.258 > > 4.4.258 > > Thanks! Downgrading to B4 since XSA-364 seems to just be information > disclosure. And as such it's only affecting arm for which xen is only unstable, so down to ~4 and we'll keep stabling to enable cleanup. Sorry for all the noise.
amd64 done all arches done
Please cleanup.
Cleanup done, closing.
