Racy interactions between dirty vram tracking and paging log dirty hypercalls https://xenbits.xen.org/xsa/advisory-397.html race in VT-d domain ID cleanup https://xenbits.xen.org/xsa/advisory-399.html IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues https://xenbits.xen.org/xsa/advisory-400.html
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d0804dc6b2577d34228030cc22b5fbaaf71e813 commit 8d0804dc6b2577d34228030cc22b5fbaaf71e813 Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-04-10 05:20:33 +0000 Commit: Florian Schmaus <flow@gentoo.org> CommitDate: 2022-04-14 05:53:28 +0000 app-emulation/xen: add upstream patches Fixes: XSA-397,XSA-399,XSA-400 Fixes: CVE-2022-26356,CVE-2022-26357,CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361 Bug: https://bugs.gentoo.org/837575 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Florian Schmaus <flow@gentoo.org> app-emulation/xen/Manifest | 2 + app-emulation/xen/xen-4.15.2-r2.ebuild | 163 ++++++++++++++++++++++++++++++++ app-emulation/xen/xen-4.16.0-r5.ebuild | 166 +++++++++++++++++++++++++++++++++ 3 files changed, 331 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb9aa87bd434697ffbf7e50109661f2e9fe14e32 commit cb9aa87bd434697ffbf7e50109661f2e9fe14e32 Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-05-05 20:41:45 +0000 Commit: Florian Schmaus <flow@gentoo.org> CommitDate: 2022-05-06 09:50:31 +0000 app-emulation/xen: drop vulnerable Bug: https://bugs.gentoo.org/837575 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Signed-off-by: Florian Schmaus <flow@gentoo.org> app-emulation/xen/Manifest | 2 - app-emulation/xen/xen-4.15.1-r3.ebuild | 163 --------------------------------- 2 files changed, 165 deletions(-)
Thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3f8db3fdbc2235dee30f5c1ea206584ecabbe484 commit 3f8db3fdbc2235dee30f5c1ea206584ecabbe484 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-04 07:16:20 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-04 07:16:59 +0000 [ GLSA 202402-07 ] Xen: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/754105 Bug: https://bugs.gentoo.org/757126 Bug: https://bugs.gentoo.org/826998 Bug: https://bugs.gentoo.org/837575 Bug: https://bugs.gentoo.org/858122 Bug: https://bugs.gentoo.org/876790 Bug: https://bugs.gentoo.org/879031 Bug: https://bugs.gentoo.org/903624 Bug: https://bugs.gentoo.org/905389 Bug: https://bugs.gentoo.org/915970 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-07.xml | 112 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+)