Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 34: FEDORA-2021-41d4347447 Critical: IOMMU Timeout Issue

fedora
Calendar Grey June 16, 2021
Dist Fedora Esm H88
Fedora 34 has issued a security advisory addressing updates to Xen, targeting boot module scrubbing and IOMMU timeout issues crucial for system integrity and performance
xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] inappropriate x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] Speculative Code Store Bypass [XSA-3...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693] inappropriate

x86 IOMMU timeout detection / handling [XSA-373, CVE-2021-28692] Speculative

Code Store Bypass [XSA-375, CVE-2021-0089] x86: TSX Async Abort protections not

restored after S3 [XSA-377, CVE-2021-28690]

* Tue Jun 8 2021 Michael Young - 4.14.2-2

- xen/arm: Boot modules are not scrubbed [XSA-372, CVE-2021-28693]

- inappropriate x86 IOMMU timeout detection / handling

[XSA-373, CVE-2021-28692]

- Speculative Code Store Bypass [XSA-375, CVE-2021-0089]

- x86: TSX Async Abort protections not restored after S3

[XSA-377, CVE-2021-28690]

[ 1 ] Bug #1970530 - CVE-2021-0089 CVE-2021-26313 CVE-2021-0086 CVE-2021-26314 xen: speculative code store bypass (XSA-375)

https://bugzilla.redhat.com/show_bug.cgi?id=1970530

[ 2 ] Bug #1970539 - CVE-2021-28692 xen: inappropriate x86 IOMMU timeout detection / handling (XSA-373)

https://bugzilla.redhat.com/show_bug.cgi?id=1970539

[ 3 ] Bug #1970541 - CVE-2021-28693 xen: arm: boot modules are not scrubbed (XSA-372)

https://bugzilla.redhat.com/show_bug.cgi?id=1970541

[ 4 ] Bug #1970545 - CVE-2021-28690 xen: x86: TSX Async Abort protections not restored after S3 (XSA-377)

https://bugzilla.redhat.com/show_bug.cgi?id=1970545

su -c 'dnf upgrade --advisory FEDORA-2021-41d4347447' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory critical Fedora Xen issue IOMMU timeout boot scrubbing IOMMU handling

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 34
Version: 4.14.2
Release: 2.fc34
URL: https://xenproject.org/
Summary: Xen is a virtual machine monitor

Topics%20covered

Topics Covered

security advisory critical Fedora Xen issue IOMMU timeout boot scrubbing IOMMU handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here