Git-Mirrors/qubes-doc

mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-10-01 01:25:40 -04:00

Axon 4b7498d071

Update security bulletins

2015-10-30 05:51:23 +00:00

4.0 KiB

Raw Blame History

layout

title

permalink

redirect_from

doc

Security Bulletins

/doc/security-bulletins/

/en/doc/security-bulletins/

/doc/SecurityBulletins/

/wiki/SecurityBulletins/

/trac/wiki/SecurityBulletins/

Qubes Security Bulletins

Qubes Security Bulletins are published through the Qubes Security Pack.

2010

None

2011

Qubes Security Bulletin #01 (Gui daemon bug, Intel VT-d escape on non-IR hardware)

2012

Qubes Security Bulletin #02 (Intel SYSRET bug)
Qubes Security Bulletin #03 (Xen hypervisor bugs: XSA 13, others with DoS potential)
Qubes Security Bulletin #04 (Qubes firewall misconfiguration: ipv6 allowed)
Qubes Security Bulletin #05 (Xen hypervisor bugs: XSA 29, others with DoS potential)

2013

Qubes Security Bulletin #06 (Xen hypervisor bugs: XSA 50, others with DoS potential)
Qubes Security Bulletin #07 (Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 with potential leaks)
Qubes Security Bulletin #08 (Xen hypervisor bugs: XSA 45,58 potential DoS)

2014

Qubes Security Bulletin #09 (Qubes qvm-open-in-[d]vm environment inter-VM leak)
Qubes Security Bulletin #10 (Qubes pulseaudio & vchan bugs, Xen XSA 87)
Qubes Security Bulletin #11 (Qubes clipboard inter-VM leak)
Qubes Security Bulletin #12 (Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108))

2015

Qubes Security Bulletin #13 (Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsistency)
Qubes Security Bulletin #14 (Race condition in Qubes Inter-VM File-Copy Mechanism)
Qubes Security Bulletin #15 (Critical Xen Hypervisor Vulnerability (XSA 109))
Qubes Security Bulletin #16 (Xen Hypervisor Information Leaks Vulnerabilities (XSA 121 & 122))
Qubes Security Bulletin #17 (Xen DoS from malicious driver domains or devices (XSA 120 & 124))
Qubes Security Bulletin #18 (Xen Hypervisor Instruction Emulation Bug (XSA 123))
Qubes Security Bulletin #19 (Anti Evil Maid bypass through unusual LUKS header)
Qubes Security Bulletin #20 (Fedora os-prober considered harmful)
Qubes Security Bulletin #21 (Anti Evil Maid bypass through filesystem ID collision)
Qubes Security Bulletin #22 (Critical Xen bug in PV memory virtualization code (XSA 148))