** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-23042
** Description changed: The packages listed above are vulnerable to the CVEs below in at least - one Ubuntu release, as stated in the Ubuntu CVE Tracker. + one Ubuntu release, as stated in the Ubuntu CVE Tracker, except for + linux-azure-4.15, linux-dell300x, linux-gcp-4.15 and linux-snapdragon, + that are only vulnerable to CVE-2022-23041. Please release fixed packages. Xen released a security advisory on March 10. (I was informed by the security team that it does not track security issues via Launchpad bugs, but in the Ubuntu CVE Tracker. However, the issue is unpatched for over 2.5 months and marked as needed for these combinations of source package and Ubuntu version in the Tracker, and therefore I am filing this bug.) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976184 Title: Linux PV device frontends vulnerable to attacks by backends To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1976184/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
