OVMSA-2022-0003 - xen security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2022-01-11 |
Description
[4.4.4-222.0.45.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=372b8932eb419e9c9b316724d2e4a28c396db6e0
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=4a8ded640f04b41cdb15ce7c4c0a2c812c1b9e4d
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86/P2M: deal with partial success of p2m_set_entry() (Jan Beulich) [Orabug: 33617682] {CVE-2021-28705} {CVE-2021-28709}
- x86/p2m: add PoD accounting to set_typed_p2m_entry() (Jan Beulich) [Orabug: 33617682]
- xen/page_alloc: Harden assign_pages() (Julien Grall) [Orabug: 33617675] {CVE-2021-28706}
- make domain_adjust_tot_pages() __must_check (Jan Beulich) [Orabug: 33617675]
- p2m: Check return value of p2m_set_entry() when decreasing reservation (George Dunlap) [Orabug: 31245546] {CVE-2017-17045}
- p2m: Always check to see if removing a p2m entry actually worked (George Dunlap) [Orabug: 31245546] {CVE-2017-17045}
- x86/pod: prevent infinite loop when shattering large pages (Julien Grall) [Orabug: 31241596] {CVE-2017-17044}
- xen/physmap: Do not permit a guest to populate PoD pages for itself (Andrew Cooper) [Orabug: 31241596] {CVE-2017-17044}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | xen-4.4.4-222.0.45.el6.src.rpm | 4ce3b941dc8e5e13e3362a3a27f97ce5d413abe6b4ca1cd1c9bc45e39cd60b62 | OVMBA-2024-0012 | ovm3_x86_64_ELS |
| xen-4.4.4-222.0.45.el6.x86_64.rpm | e1c2d602266da39ec6a264f7575ced49d6a4dd1399178d63da829f4f9e95ef44 | OVMBA-2024-0012 | ovm3_x86_64_ELS |
| xen-tools-4.4.4-222.0.45.el6.x86_64.rpm | 354e96b655dee799cca3156ad8cd4c7c0ffda309081f22c95eee96e619acc179 | OVMBA-2024-0012 | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
