{"id":"MGASA-2020-0113","summary":"Updated xen packages fix security vulnerability","details":"- Updated from 4.12.0 to 4.12.1\n- Device quarantine for alternate pci assignment methods [XSA-306]\n- x86: Machine Check Error on Page Size Change DoS [XSA-304, CVE-2018-12207]\n- TSX Asynchronous Abort speculative side channel [XSA-305, CVE-2019-11135]\n- VCPUOP_initialise DoS [XSA-296, CVE-2019-18420] (rhbz#1771368)\n- missing descriptor table limit checking in x86 PV emulation [XSA-298,\n  CVE-2019-18425] (rhbz#1771341)\n- Issues with restartable PV type change operations [XSA-299, CVE-2019-18421]\n  (rhbz#1767726)\n- add-to-physmap can be abused to DoS Arm hosts [XSA-301, CVE-2019-18423]\n  (rhbz#1771345)\n- passed through PCI devices may corrupt host memory after deassignment\n  [XSA-302, CVE-2019-18424] (rhbz#1767731)\n- ARM: Interrupts are unconditionally unmasked in exception handlers\n  [XSA-303, CVE-2019-18422] (rhbz#1771443)\n- Unlimited Arm Atomics Operations [XSA-295, CVE-2019-17349,\n  CVE-2019-17350] (rhbz#1720760)\n- fix HVM DomU boot on some chipsets\n- adjust grub2 workaround\n","modified":"2026-04-16T00:12:14.078311095Z","published":"2020-03-06T16:13:58Z","upstream":["CVE-2018-12207","CVE-2019-11135","CVE-2019-17349","CVE-2019-17350","CVE-2019-18420","CVE-2019-18421","CVE-2019-18422","CVE-2019-18423","CVE-2019-18424","CVE-2019-18425"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0113.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25782"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-295.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-296.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-298.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-299.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-301.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-302.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-303.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-304.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-305.html"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-306.html"}],"affected":[{"package":{"name":"xen","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/xen?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12.1-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0113.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}