[3.9] xen: Multiple vulnerabilities (CVE-2018-3620, CVE-2018-3646, CVE-2018-14007, CVE-2018-14678, CVE-2018-15468, CVE-2018-15469, CVE-2018-15470, CVE-2018-15471)
CVE-2018-15469, XSA-268: Use of v2 grant tables may cause crash on Arm
Reference:
http://xenbits.xen.org/xsa/advisory-268.html
CVE-2018-15468, XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
Reference:
http://xenbits.xen.org/xsa/advisory-269.html
CVE-2018-15471, XSA-270: Linux netback driver OOB access in hash handling
Reference:
http://xenbits.xen.org/xsa/advisory-270.html
CVE-2018-14007, XSA-271: XAPI HTTP directory traversal
Reference:
http://xenbits.xen.org/xsa/advisory-271.html
CVE-2018-15470, XSA-272: oxenstored does not apply quota-maxentity
Reference:
http://xenbits.xen.org/xsa/advisory-272.html
CVE-2018-3620, CVE-2018-3646, XSA-273: L1 Terminal Fault speculative side channel
Reference:
http://xenbits.xen.org/xsa/advisory-273.html
CVE-2018-14678, XSA-274: Linux: Uninitialized state in x86 PV failsafe callback path
Reference:
http://xenbits.xen.org/xsa/advisory-274.html
(from redmine: issue id 9294, created on 2018-08-21, closed on 2019-05-04)
- Relations:
- copied_to #9293
- parent #9293