September 2023 Security Update

Security Sep 29, 2023

September is almost over, but a wild new XSA appeared! 👹 You know what to do to be very effective: update your system as soon as possible.

📋 Summary

New security updates are available for the only currently supported release of XCP-ng: 8.2 LTS.

To update, follow this guide. You can also join the discussion on our community forum. Host reboots are necessary after this update.

🔒 Fixed vulnerabilities

This update fixes XSA-439 / CVE-2023-20588: "x86/AMD: Divide speculative information leak".

On AMD Zen1 CPUs, a vulnerability in the hardware may allow an attacker "to infer data from a different execution context on the same CPU core."

The updated Xen also improves the detection of Zen2-based hardware which may need workarounds ("chicken bit") for Zenbleed, and works around AMD Erratum 1474 (an AMD CPU core may stop responding after 1044 days) for AMD Zen2 CPUs.


Samuel Verschelde

Along with Olivier Lambert

XCP-ng release manager: pushes the big red "Release" button. Part developer, part packager, part QA, part manager. Open Source enthusiast since 2002.