** Summary changed: - CVE-2022-23036, CVE-2022-23037 and CVE-2022-23038 + Linux PV device frontends vulnerable to attacks by backends
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-23039 ** Description changed: - The following packages are vulnerable to CVE-2022-23036, CVE-2022-23037 - and CVE-2022-23038 in at least one Ubuntu release, as stated in the - Ubuntu CVE Tracker. + The packages listed above are vulnerable to the CVEs below in at least + one Ubuntu release, as stated in the Ubuntu CVE Tracker. Please release fixed packages. Xen released a security advisory on March 10. (I was informed by the security team that it does not track security issues via Launchpad bugs, but in the Ubuntu CVE Tracker. However, the issue is unpatched for over 2.5 months and marked as needed for these combinations of source package and Ubuntu version in the Tracker, and therefore I am filing this bug.) ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-23040 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976184 Title: Linux PV device frontends vulnerable to attacks by backends To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1976184/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
