xen: Multiple vulnerabilities (CVE-2018-12207, CVE-2019-18421, CVE-2019-18422, CVE-2019-18423, CVE-2019-18424, CVE-2019-18425, CVE-2019-11135)
CVE-2019-18425, XSA-298: missing descriptor table limit checking in x86 PV emulation.
Xen versions from at least 3.2 onwards are affected.
Reference:
http://xenbits.xen.org/xsa/advisory-298.html
CVE-2019-18421, XSA-299: Issues with restartable PV type change operations
Reference:
http://xenbits.xen.org/xsa/advisory-299.html
CVE-2019-18423, XSA-301: add-to-physmap can be abused to DoS Arm hosts
Reference:
http://xenbits.xen.org/xsa/advisory-301.html
CVE-2019-18424, XSA-302: passed through PCI devices may corrupt host memory after deassignment
Reference:
http://xenbits.xen.org/xsa/advisory-302.html
CVE-2019-18422, XSA-303: ARM: Interrupts are unconditionally unmasked in exception handlers
Reference:
http://xenbits.xen.org/xsa/advisory-303.html
CVE-2018-12207, XSA-304: x86: Machine Check Error on Page Size Change DoS
Reference:
http://xenbits.xen.org/xsa/advisory-304.html
CVE-2019-11135, XSA-305: TSX Asynchronous Abort speculative side channel
Reference:
http://xenbits.xen.org/xsa/advisory-305.html
Affected branches:
-
master -
3.10-stable -
3.9-stable -
3.8-stable