September 2023 Security Update

September is almost over, but a wild new XSA appeared! 👹 You know what to do to be very effective: update your system as soon as possible.

📋 Summary

New security updates are available for the only currently supported release of XCP-ng: 8.2 LTS.

📔
To update, follow this guide. You can also join the discussion on our community forum. Host reboots are necessary after this update.

🔒 Fixed vulnerabilities

This update fixes XSA-439 / CVE-2023-20588: "x86/AMD: Divide speculative information leak".

On AMD Zen1 CPUs, a vulnerability in the hardware may allow an attacker "to infer data from a different execution context on the same CPU core."

The updated Xen also improves the detection of Zen2-based hardware which may need workarounds ("chicken bit") for Zenbleed, and works around AMD Erratum 1474 (an AMD CPU core may stop responding after 1044 days) for AMD Zen2 CPUs.