Fedora 22 Security Update: xen-4.5.0-10.fc22

Resolved Bugs
1223846 – CVE-2015-4103 xen: potential unintended writes to host MSI message data field via qemu (xsa-128)
1227627 – CVE-2015-4103 xen: potential unintended writes to host MSI message data field via qemu (xsa-128) [fedora-all]
1223851 – CVE-2015-4104 xen: PCI MSI mask bits inadvertently exposed to guests (xsa-129)
1227628 – CVE-2015-4104 xen: PCI MSI mask bits inadvertently exposed to guests (xsa-129) [fedora-all]
1223853 – xen: guest triggerable qemu MSI-X pass-through error messages (xsa-130)
1227629 – CVE-2015-4105 xen: guest triggerable qemu MSI-X pass-through error messages (xsa-130) [fedora-all]
1223859 – xen: unmediated PCI register access in qemu (xsa-131)
1227631 – CVE-2015-4106 xen: unmediated PCI register access in qemu (xsa-131) [fedora-all]<br
replace deprecated gnutls use in qemu-xen-traditional based on qemu-xen patches,
work around a gcc 5 bug,
Potential unintended writes to host MSI message data field via qemu
[XSA-128, CVE-2015-4103],
PCI MSI mask bits inadvertently exposed to guests [XSA-129,
CVE-2015-4104],
Guest triggerable qemu MSI-X pass-through error messages [XSA-130,
CVE-2015-4105],
Unmediated PCI register access in qemu [XSA-131, CVE-2015-4106]

Leave a Reply