SECURITY: Fedora 35 Update: xen-4.15.3-7.fc35
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-99af00f60e
2022-11-17 01:31:23.157994
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 35
Version : 4.15.3
Release : 7.fc35
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests
can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] Xenstore: guests
can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312,
CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317,
CVE-2022-42318] Xenstore: Guests can cause Xenstore to not free temporary memory
[XSA-416, CVE-2022-42319] Xenstore: Guests can get access to Xenstore nodes of
deleted domains [XSA-417, CVE-2022-42320] Xenstore: Guests can crash xenstored
via exhausting the stack [XSA-418, CVE-2022-42321] Xenstore: Cooperating guests
can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323]
Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421,
CVE-2022-42325, CVE-2022-42326] ---- add patch to fix an incorrect backport
Arm: unbounded memory consumption for 2nd-level page tables [XSA-409,
CVE-2022-33747] (#2135268) P2M pool freeing may take excessively long [XSA-410,
CVE-2022-33746] (#2135641) lock order inversion in transitive grant copy
handling [XSA-411, CVE-2022-33748] (#2135263)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 1 2022 Michael Young - 4.15.3-7
- Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]
- Xenstore: Guests can create orphaned Xenstore nodes [XSA-415,
CVE-2022-42310]
- Xenstore: guests can let run xenstored out of memory [XSA-326,
CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]
- Xenstore: Guests can cause Xenstore to not free temporary memory
[XSA-416, CVE-2022-42319]
- Xenstore: Guests can get access to Xenstore nodes of deleted domains
[XSA-417, CVE-2022-42320]
- Xenstore: Guests can crash xenstored via exhausting the stack
[XSA-418, CVE-2022-42321]
- Xenstore: Cooperating guests can create arbitrary numbers of nodes
[XSA-419, CVE-2022-42322, CVE-2022-42323]
- Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
- Xenstore: Guests can create arbitrary number of nodes via transactions
[XSA-421, CVE-2022-42325, CVE-2022-42326]
* Tue Oct 18 2022 Michael Young - 4.15.3-6
- add patch to fix an incorrect backport
* Tue Oct 18 2022 Michael Young - 4.15.3-5
- Arm: unbounded memory consumption for 2nd-level page tables [XSA-409,
CVE-2022-33747] (#2135268)
- P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746]
(#2135641)
- lock order inversion in transitive grant copy handling [XSA-411,
CVE-2022-33748] (#2135263)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2135262 - CVE-2022-33748 xen: lock order inversion in transitive grant copy handling
https://bugzilla.redhat.com/show_bug.cgi?id=2135262
[ 2 ] Bug #2135267 - CVE-2022-33747 xen: unbounded memory consumption for 2nd-level page tables
https://bugzilla.redhat.com/show_bug.cgi?id=2135267
[ 3 ] Bug #2135640 - CVE-2022-33746 xen: P2M pool freeing may take excessively long
https://bugzilla.redhat.com/show_bug.cgi?id=2135640
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-99af00f60e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A xen security update has been released for Fedora 35.
