| commit | b473ad2ec2d2d2cf981d7ec3a11d548d33d8a2cb | [log] [tgz] |
|---|---|---|
| author | Peter Korsgaard <peter@korsgaard.com> | Sat Nov 21 13:42:06 2020 +0100 |
| committer | Peter Korsgaard <peter@korsgaard.com> | Sun Nov 22 15:31:29 2020 +0100 |
| tree | 9105a00997eb6ebb67566ed98523bf1ec2b7b9e7 | |
| parent | 55e28a526e0d123634790fb68454680679164b3d [diff] |
package/xen: add XSA-333..344 security fixes Fixes the following security issues: - XSA-333: x86 pv: Crash when handling guest access to MSR_MISC_ENABLE (CVE-2020-25602) https://xenbits.xenproject.org/xsa/advisory-333.html - XSA-334: Missing unlock in XENMEM_acquire_resource error path (CVE-2020-25598) https://xenbits.xenproject.org/xsa/advisory-334.html - XSA-336: race when migrating timers between x86 HVM vCPU-s (CVE-2020-25604) https://xenbits.xenproject.org/xsa/advisory-336.html - XSA-337: PCI passthrough code reading back hardware registers (CVE-2020-25595) https://xenbits.xenproject.org/xsa/advisory-337.html - XSA-338: once valid event channels may not turn invalid (CVE-2020-25597) https://xenbits.xenproject.org/xsa/advisory-338.html - XSA-339: x86 pv guest kernel DoS via SYSENTER (CVE-2020-25596) https://xenbits.xenproject.org/xsa/advisory-339.html - XSA-340: Missing memory barriers when accessing/allocating an event channel (CVE-2020-25603) https://xenbits.xenproject.org/xsa/advisory-340.html - XSA-342: out of bounds event channels available to 32-bit x86 domains (CVE-2020-25600) https://xenbits.xenproject.org/xsa/advisory-342.html - XSA-343: races with evtchn_reset() (CVE-2020-25599) https://xenbits.xenproject.org/xsa/advisory-343.html - XSA-344: lack of preemption in evtchn_reset() / evtchn_destroy() (CVE-2020-25601) https://xenbits.xenproject.org/xsa/advisory-344.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>