[Git][security-tracker-team/security-tracker][master] xen fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Nov 16 13:35:34 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9dce62de by Moritz Muehlenhoff at 2022-11-16T14:35:00+01:00
xen fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11202,98 +11202,98 @@ CVE-2022-42329
CVE-2022-42328
RESERVED
CVE-2022-42327 (x86: unintended memory sharing between guests On Intel systems that su ...)
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[bullseye] - xen <not-affected> (Vulnerable code introduced later in 4.16)
[buster] - xen <not-affected> (Vulnerable code introduced later in 4.16)
NOTE: https://xenbits.xen.org/xsa/advisory-412.html
CVE-2022-42326 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42325 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42324 (Oxenstored 32->31 bit integer truncation issues Integers in Ocaml a ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-420.html
CVE-2022-42323 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42322 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42321 (Xenstore: Guests can crash xenstored via exhausting the stack Xenstore ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-418.html
CVE-2022-42320 (Xenstore: Guests can get access to Xenstore nodes of deleted domains A ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-417.html
CVE-2022-42319 (Xenstore: Guests can cause Xenstore to not free temporary memory When ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-416.html
CVE-2022-42318 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42317 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42316 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42315 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42314 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42313 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42312 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42311 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42310 (Xenstore: Guests can create orphaned Xenstore nodes By creating multip ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-415.html
CVE-2022-42309 (Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-11 ...)
{DSA-5272-1}
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-414.html
CVE-2022-42308 (An issue was discovered in Veritas NetBackup through 8.2 and related V ...)
@@ -33986,17 +33986,17 @@ CVE-2022-33749 (XAPI open file limit DoS It is possible for an unauthenticated c
NOTE: https://xenbits.xen.org/xsa/advisory-413.html
CVE-2022-33748 (lock order inversion in transitive grant copy handling As part of XSA- ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-411.html
CVE-2022-33747 (Arm: unbounded memory consumption for 2nd-level page tables Certain ac ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-409.html
CVE-2022-33746 (P2M pool freeing may take excessively long The P2M pool backing second ...)
{DSA-5272-1}
- - xen <unfixed> (bug #1021668)
+ - xen 4.16.2+90-g0d39a6d1ae-1 (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-410.html
CVE-2022-33745 (insufficient TLB flush for x86 PV guests in shadow mode For migration ...)
@@ -63463,7 +63463,7 @@ CVE-2022-23825 (Aliases in the branch predictor may cause some AMD processors to
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE: https://www.amd.com/system/files/documents/technical-guidance-for-mitigating-branch-type-confusion.pdf
CVE-2022-23824 (IBPB may not prevent return branch predictions from being specified by ...)
- - xen <unfixed>
+ - xen 4.16.2+90-g0d39a6d1ae-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-422.html
NOTE: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dce62deb99d0bd75f8bcbb7c890bea03bb59686
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dce62deb99d0bd75f8bcbb7c890bea03bb59686
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221116/dc75a579/attachment.htm>
More information about the debian-security-tracker-commits
mailing list