[Xen-devel] Xen Security Advisory 247 - Missing p2m error checking in PoD code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-247 version 2 Missing p2m error checking in PoD code UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 245 (CVE-2017-17046) - ARM: Some memory not scrubbed at boot

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17046 / XSA-245 version 2 ARM: Some memory not scrubbed at boot UPDATES IN VERSION 2 CVE assigned. NOTE REGARDING LACK OF EMBARGO

[Xen-devel] Xen Security Advisory 247 (CVE-2017-17045) - Missing p2m error checking in PoD code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17045 / XSA-247 version 3 Missing p2m error checking in PoD code UPDATES IN VERSION 3 CVE assigned. Fixed "Reported-by" tags in patch

[Xen-devel] Xen Security Advisory 246 (CVE-2017-17044) - x86: infinite loop due to missing PoD error checking

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17044 / XSA-246 version 3 x86: infinite loop due to missing PoD error checking UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 238 (CVE-2017-15591) - DMOP map/unmap missing argument checks

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-15591 / XSA-238 version 3 DMOP map/unmap missing argument checks UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 249 - broken x86 shadow mode refcount overflow check

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-249 version 2 broken x86 shadow mode refcount overflow check UPDATES IN VERSION 2 Public release. Provide metadata file. ISSUE

[Xen-devel] Xen Security Advisory 251 - improper bug check in x86 log-dirty handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-251 version 2 improper bug check in x86 log-dirty handling UPDATES IN VERSION 2 Public release. Provide information for Xen

[Xen-devel] Xen Security Advisory 250 - improper x86 shadow mode refcount error handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-250 version 2 improper x86 shadow mode refcount error handling UPDATES IN VERSION 2 Public release. Provide metadata file. ISSUE

[Xen-devel] Xen Security Advisory 248 - x86 PV guests may gain access to internally used pages

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-248 version 2 x86 PV guests may gain access to internally used pages UPDATES IN VERSION 2 Public release. Provide metadata file. ISSUE

[Xen-devel] Xen Security Advisory 261 (CVE-2018-10982) - x86 vHPET interrupt injection errors

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-10982 / XSA-261 version 3 x86 vHPET interrupt injection errors UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 262 (CVE-2018-10981) - qemu may drive Xen into unbounded loop

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-10981 / XSA-262 version 3 qemu may drive Xen into unbounded loop UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 262 - qemu may drive Xen into unbounded loop

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-262 version 2 qemu may drive Xen into unbounded loop UPDATES IN VERSION 2 Public release. Updated .meta file ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 261 - x86 vHPET interrupt injection errors

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-261 version 2 x86 vHPET interrupt injection errors UPDATES IN VERSION 2 Versions 3.1 ... 3.3 don't appear to be vulnerable. Public

[Xen-devel] Xen Security Advisory 260 (CVE-2018-8897) - x86: mishandling of debug exceptions

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-8897 / XSA-260 version 2 x86: mishandling of debug exceptions UPDATES IN VERSION 2 Public release. Updated .meta file ISSUE

[Xen-devel] Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-12892 / XSA-266 version 3 libxl fails to honour readonly flag on HVM emulated SCSI disks UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-12893 / XSA-265 version 3 x86: #DB exception safety check can be triggered by a guest UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-12891 / XSA-264 version 3 preemption checks bypassed in x86 PV MM handling UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 258 (CVE-2018-10472) - Information leak via crafted user-supplied CDROM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-10472 / XSA-258 version 3 Information leak via crafted user-supplied CDROM UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 259 (CVE-2018-10471) - x86: PV guest may crash Xen with XPTI

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-10471 / XSA-259 version 3 x86: PV guest may crash Xen with XPTI UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 3 Information leak via side effects of speculative execution UPDATES IN VERSION 3 Add information

[Xen-devel] Xen Security Advisory 249 (CVE-2017-17563) - broken x86 shadow mode refcount overflow check

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17563 / XSA-249 version 3 broken x86 shadow mode refcount overflow check UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 250 (CVE-2017-17564) - improper x86 shadow mode refcount error handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17564 / XSA-250 version 3 improper x86 shadow mode refcount error handling UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 253 (CVE-2018-5244) - x86: memory leak with MSR emulation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-5244 / XSA-253 version 3 x86: memory leak with MSR emulation UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 9 Information leak via side effects of speculative execution UPDATES IN VERSION 9 "Stage 1" pagetable

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 8 Information leak via side effects of speculative execution UPDATES IN VERSION 8 PVH shim ("Comet")

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 7 Information leak via side effects of speculative execution UPDATES IN VERSION 7 PVH shim ("Comet")

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 4 Information leak via side effects of speculative execution UPDATES IN VERSION 4 Added README for

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 11 Information leak via side effects of speculative execution UPDATES IN VERSION 11 = Information

[Xen-devel] Xen Security Advisory 254 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254 version 12 Information leak via side effects of speculative execution UPDATES IN VERSION 12 = Corrections to

[Xen-devel] Xen Security Advisory 254 - Information leak via side effects of speculative execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-254 Information leak via side effects of speculative execution ISSUE DESCRIPTION = Processors give the illusion of a sequence of instructions executed one-by-one. However, in

[Xen-devel] Xen Security Advisory 253 - x86: memory leak with MSR emulation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-253 version 2 x86: memory leak with MSR emulation UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION = In Xen

[Xen-devel] Xen Security Advisory 274 v2 (CVE-2018-14678) - Linux: Uninitialized state in x86 PV failsafe callback path

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-14678 / XSA-274 version 2 Linux: Uninitialized state in x86 PV failsafe callback path UPDATES IN VERSION 2 CVE assigned. Fix the title to refer

[Xen-devel] Xen Security Advisory 274 v3 (CVE-2018-14678) - Linux: Uninitialized state in x86 PV failsafe callback path

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-14678 / XSA-274 version 3 Linux: Uninitialized state in x86 PV failsafe callback path UPDATES IN VERSION 3 Fix spelling in CREDITS. ISSUE

[Xen-devel] Xen Security Advisory 268 v2 - Use of v2 grant tables may cause crash on ARM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-268 version 2 Use of v2 grant tables may cause crash on ARM UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 271 v2 (CVE-2018-14007) - XAPI HTTP directory traversal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-14007 / XSA-271 version 2 XAPI HTTP directory traversal UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 269 v2 - x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-269 version 2 x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 270 v2 - Linux netback driver OOB access in hash handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-270 version 2 Linux netback driver OOB access in hash handling UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 272 v2 - oxenstored does not apply quota-maxentity

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-272 version 2 oxenstored does not apply quota-maxentity UPDATES IN VERSION 2 Ammend patch to reference XSA-272 in the commit message.

[Xen-devel] Xen Security Advisory 273 v1 (CVE-2018-3620, CVE-2018-3646) - L1 Terminal Fault speculative side channel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-3620,CVE-2018-3646 / XSA-273 L1 Terminal Fault speculative side channel ISSUE DESCRIPTION = In x86 nomenclature, a Terminal Fault is a pagetable walk which aborts due to the page

[Xen-devel] Xen Security Advisory 270 v3 (CVE-2018-15471) - Linux netback driver OOB access in hash handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-15471 / XSA-270 version 3 Linux netback driver OOB access in hash handling UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 272 v3 (CVE-2018-15470) - oxenstored does not apply quota-maxentity

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-15470 / XSA-272 version 3 oxenstored does not apply quota-maxentity UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 269 v3 (CVE-2018-15468) - x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-15468 / XSA-269 version 3 x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 268 v3 (CVE-2018-15469) - Use of v2 grant tables may cause crash on ARM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-15469 / XSA-268 version 3 Use of v2 grant tables may cause crash on ARM UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 274 - Linux: Uninitialized state in PV syscall return path

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-274 Linux: Uninitialized state in PV syscall return path ISSUE DESCRIPTION = Linux has a `failsafe` callback, invoked by Xen under certain conditions. Normally in this

[Xen-devel] Xen Security Advisory 255 (CVE-2018-7541) - grant table v2 -> v1 transition may crash Xen

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-7541 / XSA-255 version 4 grant table v2 -> v1 transition may crash Xen UPDATES IN VERSION 4 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 252 (CVE-2018-7540) - DoS via non-preemptable L3/L4 pagetable freeing

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-7540 / XSA-252 version 3 DoS via non-preemptable L3/L4 pagetable freeing UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 256 (CVE-2018-7542) - x86 PVH guest without LAPIC may DoS the host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-7542 / XSA-256 version 3 x86 PVH guest without LAPIC may DoS the host UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 258 - Information leak via crafted user-supplied CDROM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-258 version 2 Information leak via crafted user-supplied CDROM UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 259 - x86: PV guest may crash Xen with XPTI

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-259 version 2 x86: PV guest may crash Xen with XPTI UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION = The

[Xen-devel] Xen Security Advisory 256 - x86 PVH guest without LAPIC may DoS the host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-256 version 2 x86 PVH guest without LAPIC may DoS the host UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION = So

[Xen-devel] Xen Security Advisory 252 - DoS via non-preemptable L3/L4 pagetable freeing

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-252 version 2 DoS via non-preemptable L3/L4 pagetable freeing UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 255 - grant table v2 -> v1 transition may crash Xen

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-255 version 3 grant table v2 -> v1 transition may crash Xen UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 278 v1 - x86: Nested VT-x usable even when disabled

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-278 x86: Nested VT-x usable even when disabled ISSUE DESCRIPTION = When running HVM guests, virtual extensions are enabled in hardware because Xen is using them. As a

[Xen-devel] Xen Security Advisory 278 v2 (CVE-2018-18883) - x86: Nested VT-x usable even when disabled

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-18883 / XSA-278 version 2 x86: Nested VT-x usable even when disabled UPDATES IN VERSION 2 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 282 v1 - guest use of HLE constructs may lock up host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-282 guest use of HLE constructs may lock up host ISSUE DESCRIPTION = Various Intel CPU models have an erratum listed under the title "Processor May Hang When Executing

[Xen-devel] Xen Security Advisory 275 v2 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-275 version 2 insufficient TLB flushing / improper large page mappings with AMD IOMMUs UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 277 v2 - x86: incorrect error handling for guest p2m page removals

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-277 version 2 x86: incorrect error handling for guest p2m page removals UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 279 v2 - x86: DoS from attempting to use INVPCID with a non-canonical addresses

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-279 version 2 x86: DoS from attempting to use INVPCID with a non-canonical addresses UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 276 v2 - resource accounting issues in x86 IOREQ server handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-276 version 2 resource accounting issues in x86 IOREQ server handling UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 280 v2 - Fix for XSA-240 conflicts with shadow paging

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-280 version 2 Fix for XSA-240 conflicts with shadow paging UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 279 v3 (CVE-2018-19965) - x86: DoS from attempting to use INVPCID with a non-canonical addresses

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19965 / XSA-279 version 3 x86: DoS from attempting to use INVPCID with a non-canonical addresses UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 282 v2 (CVE-2018-19967) - guest use of HLE constructs may lock up host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19967 / XSA-282 version 2 guest use of HLE constructs may lock up host UPDATES IN VERSION 2 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 280 v3 (CVE-2018-19966) - Fix for XSA-240 conflicts with shadow paging

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19966 / XSA-280 version 3 Fix for XSA-240 conflicts with shadow paging UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 277 v3 (CVE-2018-19964) - x86: incorrect error handling for guest p2m page removals

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19964 / XSA-277 version 3 x86: incorrect error handling for guest p2m page removals UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 276 v3 (CVE-2018-19963) - resource accounting issues in x86 IOREQ server handling

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19963 / XSA-276 version 3 resource accounting issues in x86 IOREQ server handling UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 275 v3 (CVE-2018-19961, CVE-2018-19962) - insufficient TLB flushing / improper large page mappings with AMD IOMMUs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-19961,CVE-2018-19962 / XSA-275 version 3 insufficient TLB flushing / improper large page mappings with AMD IOMMUs UPDATES IN VERSION 3 CVEs assigned. ISSUE

[Xen-devel] Xen Security Advisory 283 v2 - Withdrawn Xen Security Advisory number

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-283 version 2 Withdrawn Xen Security Advisory number SUMMARY === The advisory XSA-283 has been withdrawn. This is because, on further analysis, we have

[Xen-devel] Xen Security Advisory 294 v2 - x86 shadow: Insufficient TLB flushing when using PCID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-294 version 2 x86 shadow: Insufficient TLB flushing when using PCID UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 290 v2 - missing preemption in x86 PV page table unvalidation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-290 version 2 missing preemption in x86 PV page table unvalidation UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283.

[Xen-devel] Xen Security Advisory 284 v2 - grant table transfer issues on large hosts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-284 version 2 grant table transfer issues on large hosts UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283. Public

[Xen-devel] Xen Security Advisory 285 v2 - race with pass-through device hotplug

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-285 version 2 race with pass-through device hotplug UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283. Public

[Xen-devel] Xen Security Advisory 292 v2 - x86: insufficient TLB flushing when using PCID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-292 version 2 x86: insufficient TLB flushing when using PCID UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283.

[Xen-devel] Xen Security Advisory 287 v2 - x86: steal_page violates page_struct access discipline

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-287 version 2 x86: steal_page violates page_struct access discipline UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283.

[Xen-devel] Xen Security Advisory 288 v2 - x86: Inconsistent PV IOMMU discipline

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-288 version 2 x86: Inconsistent PV IOMMU discipline UPDATES IN VERSION 2 Metadata updated to remove dependency on XSA-283. 4.7

[Xen-devel] Xen Security Advisory 291 v2 - x86/PV: page type reference counting issue with failed IOMMU update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-291 version 2 x86/PV: page type reference counting issue with failed IOMMU update UPDATES IN VERSION 2 Metadata updated to remove dependency on

[Xen-devel] Xen Security Advisory 300 v1 - Linux: No grant table and foreign mapping limits

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-300 Linux: No grant table and foreign mapping limits ISSUE DESCRIPTION = Virtual device backends and device models running in domain 0, or other backend driver domains,

[Xen-devel] Xen Security Advisory 300 v2 - Linux: No grant table and foreign mapping limits

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-300 version 2 Linux: No grant table and foreign mapping limits UPDATES IN VERSION 2 Drop inapplicable "Deployment during embargo"

[Xen-devel] Xen Security Advisory 304 v1 (CVE-2018-12207) - x86: Machine Check Error on Page Size Change DoS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-12207 / XSA-304 x86: Machine Check Error on Page Size Change DoS ISSUE DESCRIPTION = An erratum exists across some CPUs whereby an instruction fetch may cause a machine check

[Xen-devel] Xen Security Advisory 308 v3 (CVE-2019-19583) - VMX: VMentry failure with debug exceptions and blocked states

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19583 / XSA-308 version 3 VMX: VMentry failure with debug exceptions and blocked states UPDATES IN VERSION 3 Public release. Updated metadata to

[Xen-devel] Xen Security Advisory 310 v3 (CVE-2019-19580) - Further issues with restartable PV type change operations

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19580 / XSA-310 version 3 Further issues with restartable PV type change operations UPDATES IN VERSION 3 Public release. Updated metadata to add

[Xen-devel] Xen Security Advisory 309 v3 (CVE-2019-19578) - Linear pagetable use / entry miscounts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19578 / XSA-309 version 3 Linear pagetable use / entry miscounts UPDATES IN VERSION 3 Public release. Updated metadata to add 4.13,

[Xen-devel] Xen Security Advisory 311 v4 (CVE-2019-19577) - Bugs in dynamic height handling for AMD IOMMU pagetables

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19577 / XSA-311 version 4 Bugs in dynamic height handling for AMD IOMMU pagetables UPDATES IN VERSION 4 Public release. Re-base 4.12 patch

[Xen-devel] Xen Security Advisory 307 v3 (CVE-2019-19581, CVE-2019-19582) - find_next_bit() issues

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19581,CVE-2019-19582 / XSA-307 version 3 find_next_bit() issues UPDATES IN VERSION 3 Public release. Updated metadata to add 4.13,

[Xen-devel] Xen Security Advisory 306 v3 (CVE-2019-19579) - Device quarantine for alternate pci assignment methods

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-19579 / XSA-306 version 3 Device quarantine for alternate pci assignment methods UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 292 v3 (CVE-2019-17346) - x86: insufficient TLB flushing when using PCID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17346 / XSA-292 version 3 x86: insufficient TLB flushing when using PCID UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 287 v3 (CVE-2019-17342) - x86: steal_page violates page_struct access discipline

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17342 / XSA-287 version 3 x86: steal_page violates page_struct access discipline UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 284 v3 (CVE-2019-17340) - grant table transfer issues on large hosts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17340 / XSA-284 version 3 grant table transfer issues on large hosts UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 291 v3 (CVE-2019-17345) - x86/PV: page type reference counting issue with failed IOMMU update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17345 / XSA-291 version 3 x86/PV: page type reference counting issue with failed IOMMU update UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 285 v3 (CVE-2019-17341) - race with pass-through device hotplug

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17341 / XSA-285 version 3 race with pass-through device hotplug UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 290 v3 (CVE-2019-17344) - missing preemption in x86 PV page table unvalidation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17344 / XSA-290 version 3 missing preemption in x86 PV page table unvalidation UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 294 v3 (CVE-2019-17348) - x86 shadow: Insufficient TLB flushing when using PCID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17348 / XSA-294 version 3 x86 shadow: Insufficient TLB flushing when using PCID UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 300 v3 (CVE-2019-17351) - Linux: No grant table and foreign mapping limits

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17351 / XSA-300 version 3 Linux: No grant table and foreign mapping limits UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 288 v3 (CVE-2019-17343) - x86: Inconsistent PV IOMMU discipline

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-17343 / XSA-288 version 3 x86: Inconsistent PV IOMMU discipline UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 306 v2 - Device quarantine for alternate pci assignment methods

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-306 version 2 Device quarantine for alternate pci assignment methods UPDATES IN VERSION 2 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 298 v3 (CVE-2019-18425) - missing descriptor table limit checking in x86 PV emulation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-18425 / XSA-298 version 3 missing descriptor table limit checking in x86 PV emulation UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 296 v4 (CVE-2019-18420) - VCPUOP_initialise DoS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-18420 / XSA-296 version 4 VCPUOP_initialise DoS UPDATES IN VERSION 4 Public release. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 301 v3 (CVE-2019-18423) - add-to-physmap can be abused to DoS Arm hosts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-18423 / XSA-301 version 3 add-to-physmap can be abused to DoS Arm hosts UPDATES IN VERSION 3 Public release. ISSUE DESCRIPTION

[Xen-devel] Xen Security Advisory 303 v4 (CVE-2019-18422) - ARM: Interrupts are unconditionally unmasked in exception handlers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-18422 / XSA-303 version 4 ARM: Interrupts are unconditionally unmasked in exception handlers UPDATES IN VERSION 4 Fix typoes in the series and add

[Xen-devel] Xen Security Advisory 302 v5 (CVE-2019-18424) - passed through PCI devices may corrupt host memory after deassignment

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2019-18424 / XSA-302 version 5 passed through PCI devices may corrupt host memory after deassignment UPDATES IN VERSION 5 Public release. The patches are

[Xen-devel] Xen Security Advisory 312 v1 - arm: a CPU may speculate past the ERET instruction

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory XSA-312 arm: a CPU may speculate past the ERET instruction ISSUE DESCRIPTION = Some CPUs can speculate past an ERET instruction and potentially perform speculative accesses to

  1   2   3   >