Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9dce62de by Moritz Muehlenhoff at 2022-11-16T14:35:00+01:00
xen fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11202,98 +11202,98 @@ CVE-2022-42329
CVE-2022-42328
RESERVED
CVE-2022-42327 (x86: unintended memory sharing between guests On Intel systems
that su ...)
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[bullseye] - xen <not-affected> (Vulnerable code introduced later in
4.16)
[buster] - xen <not-affected> (Vulnerable code introduced later in 4.16)
NOTE: https://xenbits.xen.org/xsa/advisory-412.html
CVE-2022-42326 (Xenstore: Guests can create arbitrary number of nodes via
transactions ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42325 (Xenstore: Guests can create arbitrary number of nodes via
transactions ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42324 (Oxenstored 32->31 bit integer truncation issues Integers in
Ocaml a ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-420.html
CVE-2022-42323 (Xenstore: Cooperating guests can create arbitrary numbers of
nodes T[h ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42322 (Xenstore: Cooperating guests can create arbitrary numbers of
nodes T[h ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42321 (Xenstore: Guests can crash xenstored via exhausting the stack
Xenstore ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-418.html
CVE-2022-42320 (Xenstore: Guests can get access to Xenstore nodes of deleted
domains A ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-417.html
CVE-2022-42319 (Xenstore: Guests can cause Xenstore to not free temporary
memory When ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-416.html
CVE-2022-42318 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42317 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42316 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42315 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42314 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42313 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42312 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42311 (Xenstore: guests can let run xenstored out of memory T[his CNA
informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42310 (Xenstore: Guests can create orphaned Xenstore nodes By
creating multip ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-415.html
CVE-2022-42309 (Xenstore: Guests can crash xenstored Due to a bug in the fix
of XSA-11 ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-414.html
CVE-2022-42308 (An issue was discovered in Veritas NetBackup through 8.2 and
related V ...)
@@ -33986,17 +33986,17 @@ CVE-2022-33749 (XAPI open file limit DoS It is
possible for an unauthenticated c
NOTE: https://xenbits.xen.org/xsa/advisory-413.html
CVE-2022-33748 (lock order inversion in transitive grant copy handling As part
of XSA- ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-411.html
CVE-2022-33747 (Arm: unbounded memory consumption for 2nd-level page tables
Certain ac ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-409.html
CVE-2022-33746 (P2M pool freeing may take excessively long The P2M pool
backing second ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-410.html
CVE-2022-33745 (insufficient TLB flush for x86 PV guests in shadow mode For
migration ...)
@@ -63463,7 +63463,7 @@ CVE-2022-23825 (Aliases in the branch predictor may
cause some AMD processors to
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE:
https://www.amd.com/system/files/documents/technical-guidance-for-mitigating-branch-type-confusion.pdf
CVE-2022-23824 (IBPB may not prevent return branch predictions from being
specified by ...)
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE:
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dce62deb99d0bd75f8bcbb7c890bea03bb59686
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dce62deb99d0bd75f8bcbb7c890bea03bb59686
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
