File _patchinfo of Package patchinfo.6985
<patchinfo incident="6985"> <issue id="1072834" tracker="bnc">Xen HVM: unchecked MSR access error: RDMSR from 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)</issue> <issue id="1027519" tracker="bnc">Xen: Missing upstream bug fixes</issue> <issue id="1074562" tracker="bnc">VUL-0: xen: Information leak via side effects of speculative execution (XSA-254)</issue> <issue id="1080635" tracker="bnc">VUL-0: CVE-2018-7540: xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252)</issue> <issue id="1080662" tracker="bnc">VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 transition may crash Xen (XSA-255)</issue> <issue id="1087251" tracker="bnc">crash can not read vmcore from xen-dbg.gz</issue> <issue id="2017-5715" tracker="cve" /> <issue id="2017-5753" tracker="cve" /> <issue id="2017-5754" tracker="cve" /> <issue id="2018-7541" tracker="cve" /> <issue id="2018-7540" tracker="cve" /> <issue id="324965" tracker="fate" /> <category>security</category> <rating>important</rating> <packager>charlesa</packager> <description> This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release (bsc#1027519) Security issues fixed: - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) (bsc#1080635) - CVE-2018-7541: A grant table v2 -> v1 transition may crash Xen (XSA-255) (bsc#1080662) - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 Fixed information leaks via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. (bsc#1074562) - Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251) - Xen HVM: Fixed unchecked MSR access error (bsc#1072834) - Add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N (fate#324965) - Make sure tools and tools-domU require libs from the very same build </description> <summary>Security update for xen</summary> </patchinfo>
