September 2023 Security Update
September is almost over, but a wild new XSA appeared! 👹 You know what to do to be very effective: update your system as soon as possible.
📋 Summary
New security updates are available for the only currently supported release of XCP-ng: 8.2 LTS.
📔
To update, follow this guide. You can also join the discussion on our community forum. Host reboots are necessary after this update.
🔒 Fixed vulnerabilities
This update fixes XSA-439 / CVE-2023-20588: "x86/AMD: Divide speculative information leak".
On AMD Zen1 CPUs, a vulnerability in the hardware may allow an attacker "to infer data from a different execution context on the same CPU core."
The updated Xen also improves the detection of Zen2-based hardware which may need workarounds ("chicken bit") for Zenbleed, and works around AMD Erratum 1474 (an AMD CPU core may stop responding after 1044 days) for AMD Zen2 CPUs.