Xen Offers Up Security Fixes With Linux 5.11

Unlike the KVM additions, the Xen hypervisor for the Linux 5.11 merge window doesn't bring any new features but just security fixes for some new vulnerabilities.

The Xen changes for the Linux 5.11 merge window include just a set of patches for addressing two vulnerabilities (XSA-349 and XSA-350).

XSA-349 was made public last week that Linux and some BSDs are processing Xen watch events using a single thread and that if events are received faster than processing/handling, a guest could trigger an out-of-memory event in the back-end. The advisory says there is no known mitigation but with Linux 5.11 comes a set of patches to address this for Linux in addressing the resource depletion issue that could lead to a denial of service.

XSA-350 also disclosed last week is a Linux-specific advisory over the block back-end potentially re-using a pointer after it was freed and could lead to a Dom0 crash by continuously connecting/disconnecting a block front-end. It's possible that privilege escalation and information disclosure could result. That advisory recommends switching disk back-ends, but Linux 5.11 again will have a proper mitigation.

The Xen pull request has the patches for these two Xen security advisories. So far the patches at least have not been back-ported to any stable kernel series.