Your message dated Thu, 18 May 2023 22:55:48 +0200 with message-id <12210868.O9o76ZdvQC@eisbaer> and subject line Bug#1036298: fixed in xen 4.17.1+2-gb773c48e36-1 has caused the Debian Bug report #1036298, regarding xen: CVE-2022-42336: XSA-431: Mishandling of guest SSBD selection on AMD hardware to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
1036298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036298
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xen
Version: 4.17.0+74-g3eac216e6e-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for xen.

CVE-2022-42336[0]:
| Mishandling of guest SSBD selection on AMD hardware
|
| The current logic to set SSBD on AMD Family 17h and Hygon Family 18h
| processors requires that the setting of SSBD is coordinated at a core
| level, as the setting is shared between threads. Logic was introduced
| to keep track of how many threads require SSBD active in order to
| coordinate it, such logic relies on using a per-core counter of threads
| that have SSBD active. When running on the mentioned hardware, it's
| possible for a guest to under or overflow the thread counter, because
| each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the
| helper that does the per-core active accounting. Underflowing the
| counter causes the value to get saturated, and thus attempts for guests
| running on the same core to set SSBD won't have effect because the
| hypervisor assumes it's already active.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-42336
    https://www.cve.org/CVERecord?id=CVE-2022-42336
[1] https://xenbits.xen.org/xsa/advisory-431.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
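The advisory text above describes a per-core counter that every guest write to VIRT_SPEC_CTRL.SSBD reaches, so repeated writes of the same value skew the count and a sibling thread's later request is silently ignored. The following is a constructed model of that accounting flaw and of the transition-only fix, added here for illustration; it is not Xen's code, and the unsigned wrap on underflow stands in for the saturation the advisory mentions.

```c
/* Constructed model of per-core SSBD accounting; not Xen's code. */
#include <stdbool.h>

struct core { unsigned int active; bool hw_ssbd; };   /* shared per core */
struct thread { struct core *core; bool ssbd; };      /* one per sibling */

/* Vulnerable: every guest write of VIRT_SPEC_CTRL.SSBD reaches the counter,
 * even if the value is unchanged; a 0-write with nothing counted underflows. */
static void set_ssbd_naive(struct core *c, bool enable)
{
    if (enable) {
        if (c->active++ == 0)    /* first enabler programs the hardware */
            c->hw_ssbd = true;
    } else {
        if (--c->active == 0)    /* wraps when active is already 0 */
            c->hw_ssbd = false;
    }
}

/* Fixed: remember the thread's own state and count only real transitions. */
static void set_ssbd_fixed(struct thread *t, bool enable)
{
    if (t->ssbd == enable)
        return;
    t->ssbd = enable;
    set_ssbd_naive(t->core, enable);
}

/* Thread 0 writes SSBD=0 twice while it was never on, then thread 1 asks
 * for SSBD. Returns whether the shared hardware control really ends up on. */
bool sibling_protected_naive(void)
{
    struct core c = { 0, false };
    set_ssbd_naive(&c, false);
    set_ssbd_naive(&c, false);
    set_ssbd_naive(&c, true);
    return c.hw_ssbd;            /* false: counter is skewed, MSR never set */
}

bool sibling_protected_fixed(void)
{
    struct core c = { 0, false };
    struct thread t0 = { &c, false }, t1 = { &c, false };
    set_ssbd_fixed(&t0, false);
    set_ssbd_fixed(&t0, false);
    set_ssbd_fixed(&t1, true);
    return c.hw_ssbd;            /* true: only the 0->1 transition counted */
}
```

The practical check for a defender is the one the fixed path encodes: the per-core total must only ever move on a per-thread state change, never on a raw guest write.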
--- Begin Message ---
Version: 4.17.1+2-gb773c48e36-1

This bug has been fixed in the 4.17.1+2-gb773c48e36-1 upload of xen.

Format: 1.8
Date: Thu, 18 May 2023 21:26:30 +0200
Source: xen
Architecture: source
Version: 4.17.1+2-gb773c48e36-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-de...@lists.alioth.debian.org>
Changed-By: Maximilian Engelhardt <m...@daemonizer.de>
Closes: 1034842
Changes:
 xen (4.17.1+2-gb773c48e36-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.17.1+2-gb773c48e36, which also
     contains security fixes for the following issues:
     - x86 shadow paging arbitrary pointer dereference
       XSA-430 CVE-2022-42335 (Closes: #1034842)
     - Mishandling of guest SSBD selection on AMD hardware
       XSA-431 CVE-2022-42336
Checksums-Sha1:
 cf6e0a473c82f7068f6465bb8e98c936815ab92e 4474 xen_4.17.1+2-gb773c48e36-1.dsc
 a8aa94204a7ca017ad3e5f223a90df41eb71da70 4657444 xen_4.17.1+2-gb773c48e36.orig.tar.xz
 de10ac1a5e3a30c5bf934588868df3af606a3616 136776 xen_4.17.1+2-gb773c48e36-1.debian.tar.xz
Checksums-Sha256:
 8aede813bd03dae9ca51706056fb0fac8005965b164561d4e3fe759ac7c18f45 4474 xen_4.17.1+2-gb773c48e36-1.dsc
 3ae62de663574000789ed4bc13285f3ca998324175ca1ceedfba810f12b916f8 4657444 xen_4.17.1+2-gb773c48e36.orig.tar.xz
 9a866fad654f5376ac10bc6309204059f82977a04146016d46c34af6b2f060bf 136776 xen_4.17.1+2-gb773c48e36-1.debian.tar.xz
Files:
 8f6c691ea2394b17957a635ba8402c15 4474 admin optional xen_4.17.1+2-gb773c48e36-1.dsc
 cf7f3092587b23e1dc616e61360d040e 4657444 admin optional xen_4.17.1+2-gb773c48e36.orig.tar.xz
 109ef6512612630ede88d57f03e6c37b 136776 admin optional xen_4.17.1+2-gb773c48e36-1.debian.tar.xz
--- End Message ---