retired/CVE-2019-17351


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

Description: No grant table and foreign mapping limits
References:
 https://xenbits.xen.org/xsa/advisory-300.html
Notes:
 carnil> Is a1078e821b60 ("xen: let alloc_xenballooned_pages() fail if
 carnil> not enough memory free") enough or is more needed?
 benh> The advisory says another patch will be needed for domU.
 benh> For 3.16 we need d02bd27bd33d "mm/page_alloc.c: calculate
 benh> 'available' memory in a separate function" first.
Bugs:
upstream: released (5.3-rc1) [a1078e821b605813b63bf6bca414a85f804d5c66]
4.19-upstream-stable: released (4.19.61) [e73db096691e5f2720049502a3794a2a0c6d1b1f]
4.9-upstream-stable: released (4.9.187) [259b0fc2caddc21a6b561b595747a8091102f7ff]
3.16-upstream-stable: released (3.16.72) [2ed58e578b03269b23eb7119fb38478725ae6470]
sid: released (5.2.6-1)
4.19-buster-security: released (4.19.67-1)
4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/xen-let-alloc_xenballooned_pages-fail-if-not-enough-.patch]
3.16-jessie-security: released (3.16.72-1)