Changelog
xen (4.11.4+24-gddaaccbbab-1) unstable; urgency=medium
* Update to new upstream version 4.11.4+24-gddaaccbbab, which also contains
security fixes for the following issues:
- inverted code paths in x86 dirty VRAM tracking
XSA-319 CVE-2020-15563
- Special Register Buffer speculative side channel
XSA-320 CVE-2020-0543
N.B: To mitigate this issue, new cpu microcode is required. The changes
in Xen provide a workaround for affected hardware that is not receiving
a vendor microcode update. Please refer to the upstream XSA-320 Advisory
text for more details.
- insufficient cache write-back under VT-d
XSA-321 CVE-2020-15565
- Missing alignment check in VCPUOP_register_vcpu_info
XSA-327 CVE-2020-15564
- non-atomic modification of live EPT PTE
XSA-328 CVE-2020-15567
-- Hans van Kranenburg <email address hidden> Tue, 07 Jul 2020 16:07:39 +0200