[Git][security-tracker-team/security-tracker][master] xen updates for spu fixes and bullseye EOL
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Dec 6 14:23:02 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f0dddaea by Moritz Muehlenhoff at 2023-12-06T15:21:59+01:00
xen updates for spu fixes and bullseye EOL
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9819,30 +9819,44 @@ CVE-2023-34324 [linux/xen: Possible deadlock in Linux kernel event handling]
NOTE: https://git.kernel.org/linus/87797fad6cce28ec9be3c13f031776ff4f104cfc (6.6-rc6)
CVE-2023-46836 [x86: BTC/SRSO fixes not fully effective]
- xen 4.17.2+76-ge1f9cb16e2-1 (bug #1056928)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-446.html
CVE-2023-46835 [x86/AMD: mismatch in IOMMU quarantine page table levels]
- xen 4.17.2+76-ge1f9cb16e2-1 (bug #1056928)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-445.html
CVE-2023-34328 [A PV vCPU can place a breakpoint over the live GDT]
- xen 4.17.2+55-g0b56bed864-1
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-444.html
CVE-2023-34327 [An HVM vCPU can end up operating in the context of a previous vCPUs debug mask state]
- xen 4.17.2+55-g0b56bed864-1
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-444.html
CVE-2023-34325 [Multiple vulnerabilities in libfsimage disk handling]
- xen 4.17.2+55-g0b56bed864-1
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-443.html
CVE-2023-34326 [x86/AMD: missing IOMMU TLB flushing]
- xen 4.17.2+55-g0b56bed864-1
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-442.html
CVE-2023-34323 [xenstored: A transaction conflict can crash C Xenstored]
- xen 4.17.2+55-g0b56bed864-1 (unimportant)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-440.html
NOTE: Debian uses the ocaml-based xenstored
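Review bot: CVE-2023-34323 already carries "(unimportant)" on its unstable line, together with the note that Debian uses the ocaml-based xenstored, so the added "[bookworm] - xen <no-dsa> (Will be fixed via point release)" and "[bullseye] - xen <end-of-life> (EOLed in Bullseye)" lines read as if those releases were affected and waiting for a fix. If the issue does not apply to Debian's build, I would leave this entry without per-release annotations, or word the bookworm note so it is clear the fix only arrives as a side effect of the point release.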
@@ -14850,14 +14864,14 @@ CVE-2023-40743 (** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x
NOTE: https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210
CVE-2023-34322 [top-level shadow reference dropped too early for 64-bit PV guests]
- xen 4.17.2+55-g0b56bed864-1
- [bookworm] - xen <postponed> (Minor issue, fix along in future DSA or point release)
- [bullseye] - xen <postponed> (Minor issue, fix along in future DSA or point release)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-438.html
CVE-2023-34321 [arm32: The cache may not be properly cleaned/invalidated]
- xen 4.17.2+55-g0b56bed864-1 (bug #1051954)
- [bookworm] - xen <postponed> (Minor issue, fix along in future DSA)
- [bullseye] - xen <no-dsa> (Minor issue, fix along in future DSA)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-437.html
CVE-2023-4758 (Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.)
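Review bot: In the CVE-2023-34322 and CVE-2023-34321 entries, "<postponed>" becomes "<no-dsa> (Will be fixed via point release)", a note that describes a pending action and goes stale once the update lands. Consider referencing the upload or request it refers to, so a later pass can find these lines and replace them with the fixed bookworm version.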
@@ -19686,8 +19700,8 @@ CVE-2023-3971 (An HTML injection flaw was found in Controller in the user interf
NOT-FOR-US: Red Hat Ansible Automation Controller
CVE-2023-34320 [arm: Guests can trigger a deadlock on Cortex-A77]
- xen 4.17.2-1
- [bookworm] - xen <no-dsa> (Minor issue)
- [bullseye] - xen <no-dsa> (Minor issue)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://www.openwall.com/lists/oss-security/2023/08/01/1
NOTE: https://xenbits.xen.org/xsa/advisory-436.html
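Review bot: For CVE-2023-34320 the bookworm state stays "<no-dsa>" and only the free-text reason changes, from "Minor issue" to "Will be fixed via point release", which drops the triage rationale from the entry. Suggest keeping both, e.g. "(Minor issue, will be fixed via point release)".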
@@ -73679,8 +73693,8 @@ CVE-2023-20588 (A division-by-zero error on some AMD processors can potentially
- linux 6.4.13-1
[bullseye] - linux 5.10.197-1
- xen 4.17.2+55-g0b56bed864-1
- [bookworm] - xen <postponed> (Minor issue, fix along in future DSA or point release)
- [bullseye] - xen <postponed> (Minor issue, fix along in future DSA or point release)
+ [bookworm] - xen <no-dsa> (Will be fixed via point release)
+ [bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html
NOTE: https://git.kernel.org/linus/77245f1c3c6495521f6a3af082696ee2f8ce3921
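Review bot: The new "[bullseye] - xen <end-of-life> (EOLed in Bullseye)" line under CVE-2023-20588 sits directly above the buster line, whose note cites "DSA 4677-1", while the bullseye note only restates the tag. If an announcement exists for the bullseye end-of-life, cite it in the same way so both lines point at a source; the same applies to the other bullseye lines added in this commit.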
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0dddaeaa6d85d9bf55789e3b8460603ab0296eb