git.libre-soc.org Git - buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Sat, 21 Nov 2020 12:42:06 +0000 (13:42 +0100)
committer	Peter Korsgaard <peter@korsgaard.com>
	Sun, 22 Nov 2020 14:31:29 +0000 (15:31 +0100)
commit	b473ad2ec2d2d2cf981d7ec3a11d548d33d8a2cb
tree	9105a00997eb6ebb67566ed98523bf1ec2b7b9e7	tree
parent	55e28a526e0d123634790fb68454680679164b3d	commit \| diff

package/xen: add XSA-333..344 security fixes

Fixes the following security issues:

- XSA-333: x86 pv: Crash when handling guest access to MSR_MISC_ENABLE
  (CVE-2020-25602)
  https://xenbits.xenproject.org/xsa/advisory-333.html

- XSA-334: Missing unlock in XENMEM_acquire_resource error path
  (CVE-2020-25598)
  https://xenbits.xenproject.org/xsa/advisory-334.html

- XSA-336: race when migrating timers between x86 HVM vCPU-s
  (CVE-2020-25604)
  https://xenbits.xenproject.org/xsa/advisory-336.html

- XSA-337: PCI passthrough code reading back hardware registers
  (CVE-2020-25595)
  https://xenbits.xenproject.org/xsa/advisory-337.html

- XSA-338: once valid event channels may not turn invalid (CVE-2020-25597)
  https://xenbits.xenproject.org/xsa/advisory-338.html

- XSA-339: x86 pv guest kernel DoS via SYSENTER (CVE-2020-25596)
  https://xenbits.xenproject.org/xsa/advisory-339.html

- XSA-340: Missing memory barriers when accessing/allocating an event
  channel (CVE-2020-25603)
  https://xenbits.xenproject.org/xsa/advisory-340.html

- XSA-342: out of bounds event channels available to 32-bit x86 domains
  (CVE-2020-25600)
  https://xenbits.xenproject.org/xsa/advisory-342.html

- XSA-343: races with evtchn_reset() (CVE-2020-25599)
  https://xenbits.xenproject.org/xsa/advisory-343.html

- XSA-344: lack of preemption in evtchn_reset() / evtchn_destroy()
  (CVE-2020-25601)
  https://xenbits.xenproject.org/xsa/advisory-344.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xen/xen.hash		diff \| blob \| history
package/xen/xen.mk		diff \| blob \| history