http://bugzilla.opensuse.org/show_bug.cgi?id=1064061 Bug ID: 1064061 Summary: Virtualization/xen: Bug tracking multiple Xen CVEs Classification: openSUSE Product: openSUSE.org Version: unspecified Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: 3rd party software Assignee: carnold@suse.com Reporter: pgnet.dev@gmail.com QA Contact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Blocker: --- Current install xen-4.9.0_50-535.7.x86_64 on Opensuse 42.3 host. Noting/tracking multiple CVEs across multiple Xen versions; watching for patched releases: [Xen-users] Xen Security Advisory 244 (CVE-2017-15594) - x86: Incorrect handling of IST settings during CPU hotplug [Xen-users] Xen Security Advisory 243 (CVE-2017-15592) - x86: Incorrect handling of self-linear shadow mappings with translated guests [Xen-users] Xen Security Advisory 242 (CVE-2017-15593) - page type reference leak on x86 [Xen-users] Xen Security Advisory 241 (CVE-2017-15588) - Stale TLB entry due to page type release race [Xen-users] Xen Security Advisory 240 (CVE-2017-15595) - Unlimited recursion in linear pagetable de-typing [Xen-users] Xen Security Advisory 239 (CVE-2017-15589) - hypervisor stack leak in x86 I/O intercept code [Xen-users] Xen Security Advisory 237 (CVE-2017-15590) - multiple MSI mapping issues on x86 [Xen-users] Xen Security Advisory 235 (CVE-2017-15596) - add-to-physmap error paths fail to release lock on ARM -- You are receiving this mail because: You are on the CC list for the bug.