Security update for xen
This update for xen fixes the following issues:
- CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly (XSA-386) (bsc#1191363).
- CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs (XSA-388) (bsc#1192557).
- CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful P2M updates on x86 (XSA-389) (bsc#1192559).
- CVE-2021-28706: Fixed guests may exceed their designated memory limit (XSA-385) (bsc#1192554).
- Update to Xen 4.13.4 bug fix release (bsc#1027519).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
-
Submitted by
Charles Arnold (charlesa)
- Reboot is suggested
Fixed bugs
bnc#1027519
Xen: Missing upstream bug fixes
bnc#1191363
VUL-0: CVE-2021-28702: xen: PCI devices with RMRRs not deassigned correctly (XSA-386)
bnc#1192554
VUL-0: EMBARGOED: CVE-2021-28706: xen: guests may exceed their designated memory limit (XSA-385)
bnc#1192557
VUL-0: EMBARGOED: CVE-2021-28704,CVE-2021-28707,CVE-2021-28708: xen: PoD operations on misaligned GFNs (XSA-388)
bnc#1192559
VUL-0: EMBARGOED: CVE-2021-28705,CVE-2021-28709: xen: issues with partially successful P2M updates on x86 (XSA-389)
