June 2022 Security Update #2

A security update is available for the only currently supported release of XCP-ng: 8.2 LTS.

📔
To update, follow this guide. You can also join the discussion on our community forum. Hosts reboot necessary after this update.

Summary

New vulnerabilities in Intel CPUs have been disclosed.

We provide an update of the Xen hypervisor that includes patches which mitigate these hardware issues.

We also released a maintenance update of the secureboot-certs script included in the uefistored RPM.

Impact

Code running in a guest VM may be able to read very small sections of memory that are actively being used somewhere else.

Only Intel CPUs are affected.

References