Publishing details

• Published on 2022-09-19
• Copied from ubuntu focal in PPA for Ubuntu Security Proposed by Eduardo Barretto

Changelog

xen (4.11.3+24-g14b62ab3e5-1ubuntu2.3) focal-security; urgency=medium

  * SECURITY UPDATE: Fix multiple vulnerabilities
    - d/p/xsa312-4.11.patch: Place a speculation barrier sequence
      following an eret instruction
    - d/p/CVE-2020-11740-and-CVE-2020-11741-1.patch: clear buffer intended
      to be shared with guests
    - d/p/CVE-2020-11740-and-CVE-2020-11741-2.patch: limit consumption of
      shared buffer data
    - d/p/CVE-2020-11739.patch: Add missing memory barrier in the unlock
      path of rwlock
    - d/p/CVE-2020-11743.patch: Fix error path in map_grant_ref()
    - d/p/CVE-2020-11742.patch: fix GNTTABOP_copy continuation handling
    - d/p/CVE-2020-0543-1.patch: CPUID/MSR definitions for Special
      Register Buffer Data Sampling
    - d/p/CVE-2020-0543-2.patch: Mitigate the Special Register Buffer
      Data Sampling sidechannel
    - d/p/CVE-2020-0543-3.patch: Allow the RDRAND/RDSEED features to be
      hidden
    - d/p/CVE-2020-15566.patch: Don't ignore error in get_free_port()
    - d/p/CVE-2020-15563.patch: correct an inverted conditional in dirty
      VRAM tracking
    - d/p/CVE-2020-15565-1.patch: improve IOMMU TLB flush
    - d/p/CVE-2020-15565-2.patch: prune (and rename) cache flush
      functions
    - d/p/CVE-2020-15565-3.patch: introduce a cache sync hook
    - d/p/CVE-2020-15565-4.patch: don't assume addresses are aligned in
      sync_cache
    - d/p/CVE-2020-15564.patch: Check the alignment of the offset passed
      via VCPUOP_register_vcpu_info
    - d/p/CVE-2020-15567-1.patch: ept_set_middle_entry() related
      adjustments
    - d/p/CVE-2020-15567-2.patch: atomically modify entries in
      ept_next_level
    - d/p/CVE-2020-25602.patch: Handle the Intel-specific MSR_MISC_ENABLE
      correctly
    - d/p/CVE-2020-25604.patch: fix race when migrating timers between
      vCPUs
    - d/p/CVE-2020-25595-1.patch: get rid of read_msi_msg
    - d/p/CVE-2020-25595-2.patch: restrict reading of table/PBA bases
      from BARs
    - d/p/CVE-2020-25597.patch: relax port_is_valid()
    - d/p/CVE-2020-25596.patch: Avoid double exception injection
    - d/p/CVE-2020-25603.patch: Add missing barriers when
      accessing/allocating an event channel
    - d/p/CVE-2020-25600.patch: enforce correct upper limit for 32-bit
      guests
    - d/p/CVE-2020-25599-1.patch: evtchn_reset() shouldn't succeed with
      still-open ports
    - d/p/CVE-2020-25599-2.patch: convert per-channel lock to be IRQ-safe
    - d/p/CVE-2020-25599-3.patch: address races with evtchn_reset()
    - d/p/CVE-2020-25601-1.patch: arrange for preemption in
      evtchn_destroy()
    - d/p/CVE-2020-25601-2.patch: arrange for preemption in evtchn_reset()
    - CVE-2020-11740
    - CVE-2020-11741
    - CVE-2020-11739
    - CVE-2020-11743
    - CVE-2020-11742
    - CVE-2020-0543
    - CVE-2020-15566
    - CVE-2020-15563
    - CVE-2020-15565
    - CVE-2020-15564
    - CVE-2020-15567
    - CVE-2020-25602
    - CVE-2020-25604
    - CVE-2020-25595
    - CVE-2020-25597
    - CVE-2020-25596
    - CVE-2020-25603
    - CVE-2020-25600
    - CVE-2020-25599
    - CVE-2020-25601

 -- Luís Infante da Câmara <email address hidden>  Mon, 22 Aug 2022 11:20:03 +0200

Builds

• amd64
• arm64
• armhf

Built packages

• libxen-dev Public headers and libs for Xen

• libxencall1 Xen runtime library - libxencall

• libxencall1-dbgsym debug symbols for libxencall1

• libxendevicemodel1 Xen runtime libraries - libxendevicemodel

• libxendevicemodel1-dbgsym debug symbols for libxendevicemodel1

• libxenevtchn1 Xen runtime libraries - libxenevtchn

• libxenevtchn1-dbgsym debug symbols for libxenevtchn1

• libxenforeignmemory1 Xen runtime libraries - libxenforeignmemory

• libxenforeignmemory1-dbgsym debug symbols for libxenforeignmemory1

• libxengnttab1 Xen runtime libraries - libxengnttab

• libxengnttab1-dbgsym debug symbols for libxengnttab1

• libxenmisc4.11 Xen runtime libraries - miscellaneous, versioned ABI

• libxenmisc4.11-dbgsym debug symbols for libxenmisc4.11

• libxenstore3.0 Xen runtime libraries - libxenstore

• libxenstore3.0-dbgsym debug symbols for libxenstore3.0

• libxentoolcore1 Xen runtime libraries - libxentoolcore

• libxentoolcore1-dbgsym debug symbols for libxentoolcore1

• libxentoollog1 Xen runtime libraries - libxentoollog

• libxentoollog1-dbgsym debug symbols for libxentoollog1

• xen-doc XEN documentation

• xen-hypervisor-4.11-amd64 Xen Hypervisor on AMD64

• xen-hypervisor-4.11-arm64 Xen Hypervisor on ARM64

• xen-hypervisor-4.11-armhf Xen Hypervisor on ARMHF

• xen-hypervisor-4.9-amd64 Transitional package for upgrade

• xen-hypervisor-4.9-arm64 Transitional package for upgrade

• xen-hypervisor-4.9-armhf Transitional package for upgrade

• xen-hypervisor-common Xen Hypervisor - common files

• xen-system-amd64 Xen System on AMD64 (metapackage)

• xen-system-arm64 Xen System on ARM64 (metapackage)

• xen-system-armhf Xen System on ARMHF (metapackage)

• xen-utils-4.11 XEN administrative tools

• xen-utils-4.11-dbgsym debug symbols for xen-utils-4.11

• xen-utils-common Xen administrative tools - common files

• xen-utils-common-dbgsym debug symbols for xen-utils-common

• xenstore-utils Xenstore command line utilities for Xen

• xenstore-utils-dbgsym debug symbols for xenstore-utils

Package files

• libxen-dev_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (683.7 KiB)
• libxen-dev_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (621.4 KiB)
• libxen-dev_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (590.0 KiB)
• libxencall1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (13.6 KiB)
• libxencall1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (13.6 KiB)
• libxencall1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (13.7 KiB)
• libxencall1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (9.2 KiB)
• libxencall1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (8.9 KiB)
• libxencall1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (8.6 KiB)
• libxendevicemodel1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (17.8 KiB)
• libxendevicemodel1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (17.9 KiB)
• libxendevicemodel1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (17.8 KiB)
• libxendevicemodel1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (10.2 KiB)
• libxendevicemodel1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (9.9 KiB)
• libxendevicemodel1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (9.5 KiB)
• libxenevtchn1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (8.4 KiB)
• libxenevtchn1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (8.4 KiB)
• libxenevtchn1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (8.5 KiB)
• libxenevtchn1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (7.8 KiB)
• libxenevtchn1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (7.7 KiB)
• libxenevtchn1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (7.5 KiB)
• libxenforeignmemory1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (12.4 KiB)
• libxenforeignmemory1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (12.5 KiB)
• libxenforeignmemory1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (12.3 KiB)
• libxenforeignmemory1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (9.6 KiB)
• libxenforeignmemory1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (9.3 KiB)
• libxenforeignmemory1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (8.8 KiB)
• libxengnttab1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (14.4 KiB)
• libxengnttab1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (14.2 KiB)
• libxengnttab1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (14.1 KiB)
• libxengnttab1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (9.6 KiB)
• libxengnttab1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (9.4 KiB)
• libxengnttab1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (8.8 KiB)
• libxenmisc4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (2.2 MiB)
• libxenmisc4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (1.9 MiB)
• libxenmisc4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (1.9 MiB)
• libxenmisc4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (429.2 KiB)
• libxenmisc4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (347.9 KiB)
• libxenmisc4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (319.2 KiB)
• libxenstore3.0-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (33.4 KiB)
• libxenstore3.0-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (33.1 KiB)
• libxenstore3.0-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (33.1 KiB)
• libxenstore3.0_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (16.5 KiB)
• libxenstore3.0_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (15.8 KiB)
• libxenstore3.0_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (14.1 KiB)
• libxentoolcore1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (5.3 KiB)
• libxentoolcore1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (5.3 KiB)
• libxentoolcore1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (5.3 KiB)
• libxentoolcore1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (11.6 KiB)
• libxentoolcore1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (11.5 KiB)
• libxentoolcore1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (11.2 KiB)
• libxentoollog1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (11.3 KiB)
• libxentoollog1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (10.6 KiB)
• libxentoollog1-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (10.6 KiB)
• libxentoollog1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (13.3 KiB)
• libxentoollog1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (13.3 KiB)
• libxentoollog1_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (13.0 KiB)
• xen-doc_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (403.1 KiB)
• xen-doc_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (403.1 KiB)
• xen-doc_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (403.1 KiB)
• xen-hypervisor-4.11-amd64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (14.5 MiB)
• xen-hypervisor-4.11-arm64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (3.4 MiB)
• xen-hypervisor-4.11-armhf_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (3.1 MiB)
• xen-hypervisor-4.9-amd64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (5.4 KiB)
• xen-hypervisor-4.9-arm64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (5.4 KiB)
• xen-hypervisor-4.9-armhf_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (5.4 KiB)
• xen-hypervisor-common_4.11.3+24-g14b62ab3e5-1ubuntu2.3_all.deb (11.3 KiB)
• xen-system-amd64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (5.2 KiB)
• xen-system-arm64_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (5.2 KiB)
• xen-system-armhf_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (5.2 KiB)
• xen-utils-4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (1.0 MiB)
• xen-utils-4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (845.4 KiB)
• xen-utils-4.11-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (827.2 KiB)
• xen-utils-4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (6.9 MiB)
• xen-utils-4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (604.5 KiB)
• xen-utils-4.11_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (531.0 KiB)
• xen-utils-common-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (261.7 KiB)
• xen-utils-common-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (24.2 KiB)
• xen-utils-common-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (24.3 KiB)
• xen-utils-common_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (247.4 KiB)
• xen-utils-common_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (171.0 KiB)
• xen-utils-common_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (171.7 KiB)
• xen_4.11.3+24-g14b62ab3e5-1ubuntu2.3.debian.tar.xz (221.1 KiB)
• xen_4.11.3+24-g14b62ab3e5-1ubuntu2.3.dsc (4.4 KiB)
• xen_4.11.3+24-g14b62ab3e5.orig.tar.xz (4.0 MiB)
• xenstore-utils-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.ddeb (19.6 KiB)
• xenstore-utils-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.ddeb (20.0 KiB)
• xenstore-utils-dbgsym_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.ddeb (19.1 KiB)
• xenstore-utils_4.11.3+24-g14b62ab3e5-1ubuntu2.3_amd64.deb (20.1 KiB)
• xenstore-utils_4.11.3+24-g14b62ab3e5-1ubuntu2.3_arm64.deb (19.8 KiB)
• xenstore-utils_4.11.3+24-g14b62ab3e5-1ubuntu2.3_armhf.deb (19.0 KiB)