OVMSA-2022-0029 - xen security update

Release Date:2022-11-30


- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=16d527999fb1e1f389894409075b943bd56b1da3
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional commit=4a8ded640f04b41cdb15ce7c4c0a2c812c1b9e4d
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- xen/x86: p2m: Add preemption in p2m_teardown() (Julien Grall) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- xen: Make preempted flag a bool (Boris Ostrovsky) [Orabug: 34724873]
- x86: allow calling {shadow/hap}_set_allocation with the idle domain (Roger Pau Monne) [Orabug: 34724873]
- x86/p2m: free the paging memory pool preemptively (Roger Pau Monne) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/p2m: truly free paging pool memory for dying domains (Roger Pau Monne) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/p2m: refuse new allocations for dying domains (Roger Pau Monne) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/shadow: tolerate failure in shadow_prealloc() (Roger Pau Monne) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/shadow: tolerate failure of sh_set_toplevel_shadow() (Jan Beulich) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/HAP: adjust monitor table related error handling (Jan Beulich) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}
- x86/p2m: add option to skip root pagetable removal in p2m_teardown() (Roger Pau Monne) [Orabug: 34724873] {CVE-2022-33746} {CVE-2022-33746}

Related CVEs


Updated Packages

Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3 (x86_64) xen-4.4.4-222.0.50.el6.src.rpme1afa52f5fb75f0cc2207e50503a9af7-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team