OVMSA-2021-0033 - xen security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2021-10-07 |
Description
[4.4.4-222.0.42.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=e648ffdcf91e7b77229705ce5ba1d4446fe17660
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=4a8ded640f04b41cdb15ce7c4c0a2c812c1b9e4d
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- gnttab: replace mapkind() (Jan Beulich) [Orabug: 33215771] {CVE-2021-28698} {CVE-2021-28698}
- gnttab: add preemption check to gnttab_release_mappings() (Jan Beulich) [Orabug: 33215771] {CVE-2021-28698} {CVE-2021-28698}
- xe/grant: Limit availability of version 2 of grant table interfaces. (Boris Ostrovsky) [Orabug: 33215748] {CVE-2021-28697} {CVE-2021-28701}
- pci: Do not allow passthrough on AMD systems (Boris Ostrovsky) [Orabug: 33215714] {CVE-2021-28695} {CVE-2021-28696} {CVE-2021-28695} {CVE-2021-28696}
- x86/p2m: guard (in particular) identity mapping entries (Jan Beulich) [Orabug: 33215714] {CVE-2021-28694} {CVE-2021-28694}
- x86/p2m: introduce p2m_is_special() (Jan Beulich) [Orabug: 33215714] {CVE-2021-28694}
- x86/p2m: don't assert that the passed in MFN matches for a remove (Jan Beulich) [Orabug: 33215714]
- x86/p2m: don't ignore p2m_remove_page()'s return value (Jan Beulich) [Orabug: 33215714]
- x86/p2m: fix PoD accounting in guest_physmap_add_entry() (Jan Beulich) [Orabug: 33215714]
[4.4.4-222.0.41.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=af11c8054b2c02d72e519d66645fa4b598b14778
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=4a8ded640f04b41cdb15ce7c4c0a2c812c1b9e4d
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86/vpt: fully init timers before putting onto list (Jan Beulich) [Orabug: 33010521]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | xen-4.4.4-222.0.42.el6.src.rpm | 44b7a72d5eff7c3bba3a4e318a83d61d5fb30dbdfa93de1c04faf4d04ed3f01b | OVMBA-2024-0012 | ovm3_x86_64_ELS |
| xen-4.4.4-222.0.42.el6.x86_64.rpm | 749be18ed7cff232e5a383800894f1b9bd013c393e918dbf41be664ee2e762d8 | OVMBA-2024-0012 | ovm3_x86_64_ELS |
| xen-tools-4.4.4-222.0.42.el6.x86_64.rpm | f1fe5313cc5629ac4c35fca9bbd0c1ed49ee8d6cdb616974ed0510075a69ef0a | OVMBA-2024-0012 | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
