Project

General

Profile

Bug #9843

xen: Multiple vulnerabilities (CVE-2018-19961, CVE-2018-19962, CVE-2018-18883, CVE-2018-19965, CVE-2018-19966, CVE-2018-19967)

Added by Alicha CH 4 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
-
Start date:
01/10/2019
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:
CVE-2018-19961, CVE-2018-19962, CVE-2018-18883, CVE-2018-19965, CVE-2018-19966, CVE-2018-19967

Description

CVE-2018-19961, CVE-2018-19962, XSA-275: insufficient TLB flushing / improper large page mappings with AMD IOMMUs

Reference:

http://xenbits.xen.org/xsa/advisory-275.html

CVE-2018-18883, XSA-278: x86: Nested VT-x usable even when disabled

Reference:

http://xenbits.xen.org/xsa/advisory-278.html

CVE-2018-19965, XSA-279: x86: DoS from attempting to use INVPCID with a non-canonical addresses

Reference:

http://xenbits.xen.org/xsa/advisory-279.html

CVE-2018-19966, XSA-280: Fix for XSA-240 conflicts with shadow paging

Reference:

http://xenbits.xen.org/xsa/advisory-280.html

CVE-2018-19967, XSA-282: guest use of HLE constructs may lock up host

Reference:

http://xenbits.xen.org/xsa/advisory-282.html


Subtasks

Bug #9844: [3.8] xen: Multiple vulnerabilities (CVE-2018-19961, CVE-2018-19962, CVE-2018-18883, CVE-2018-19965, CVE-2018-19966, CVE-2018-19967)ClosedWilliam Pitcock

Bug #9845: [3.7] xen: Multiple vulnerabilities (CVE-2018-19961, CVE-2018-19962, CVE-2018-18883, CVE-2018-19965, CVE-2018-19966, CVE-2018-19967)ClosedWilliam Pitcock

Bug #9846: [3.6] xen: Multiple vulnerabilities (CVE-2018-19961, CVE-2018-19962, CVE-2018-19965, CVE-2018-19966, CVE-2018-19967)ClosedWilliam Pitcock

History

#1 Updated by Leonardo Arena 4 months ago

  • Status changed from New to Resolved

#2 Updated by Alicha CH 3 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security

#3 Updated by Alicha CH 3 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF