OVMSA-2020-0038

OVMSA-2020-0038 - xen security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-08-26

Description

[4.4.4-222.0.26.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=4e20c4a527d177048e77b2daa6201731fdcdc584
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=cf459aa4ae4ff6b7bfc208006b47c9992642c4cf
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- redtape: QEMU-traditional: usb: fix setup_len init (CVE-2020-14364) (Patrick Colp) [Orabug: 31780712] {CVE-2020-14364}
- usb: fix setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 31780712] {CVE-2020-14364} {CVE-2020-14364}

[4.4.4-222.0.25.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=dffcb5098a9c58a2a59e792b1ded0ab46227d1ff
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=6e676a4ba6bbd437a2a8dbfc3c6e591d920b013b
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86: skip further initialization for idle domains (Joe Jin) [Orabug: 31543204]

Related CVEs

CVE-2020-14364

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle VM 3.4 (x86_64)	xen-4.4.4-222.0.26.el6.src.rpm	5d26942522f54874ac928c3e9d334466cf6e199fb8d676c7aaa3096f7648ab9f	OVMBA-2024-0012	ovm34_x86_64_latest
	xen-4.4.4-222.0.26.el6.x86_64.rpm	0da9205b0f751bf91a9a7387dd499fe6b2f48a29a0e0c0a227f65658b27f1df8	OVMBA-2024-0012	ovm34_x86_64_latest
	xen-tools-4.4.4-222.0.26.el6.x86_64.rpm	5ca0e2bb6690a598cf83464d47401080921079471aae086326a8ac74f4fe7244	OVMBA-2024-0012	ovm34_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team