search for: 42332

...ALL path Due to an | oversight in the very original Spectre/Meltdown security work | (XSA-254), one entrypath performs its speculation-safety actions too | late. In some configurations, there is an unprotected RET instruction | which can be attacked with a variety of speculative attacks. CVE-2022-42332[1]: | x86 shadow plus log-dirty mode use-after-free In environments where | host assisted address translation is necessary but Hardware Assisted | Paging (HAP) is unavailable, Xen will run guests in so called shadow | mode. Shadow mode maintains a pool of memory used for both shadow page | tables a...

Processing commands for control at bugs.debian.org: > found 1033297 4.14.5+86-g1c354767d5-1 Bug #1033297 [src:xen] xen: CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 CVE-2022-42334 Marked as found in versions xen/4.14.5+86-g1c354767d5-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1033297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033297 Debian Bug Tracking System Contact owner at bugs.debian.org...

Hi, OpenSSH 6.5 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is