Contact Privacy DMCA

Robuta
https://www.qubes-os.org/news/2022/11/08/qsb-086/ QSB-086: Speculative security issues on AMD CPUs (XSA-422) | Qubes OS We have just published Qubes Security Bulletin (QSB) 086: Speculative security issues on AMD CPUs (XSA-422). The text of this QSB is reproduced below. This QSB... security issuesqsbspeculativeamdcpus https://www.qubes-os.org/news/2022/06/09/qsb-080/ QSB-080: Issues with PV domains and PCI passthrough (XSA-401, XSA-402) | Qubes OS We have just published Qubes Security Bulletin (QSB) 080: Issues with PV domains and PCI passthrough (XSA-401, XSA-402). The text of this QSB is reproduced... qsbissuespvdomainspci https://www.qubes-os.org/news/2021/09/09/qsb-071/ QSB-071: Fatal options filtering flaw in Split GPG | Qubes OS Update: Please note that QSB-071 was updated on 2021-09-17. See below for the updated version, including the changelog. We have just published Qubes Security... qsbfataloptionsfilteringflaw https://www.qubes-os.org/news/2018/06/13/qsb-40-update/ Update for QSB #40: Information leaks due to processor speculative store bypass (XSA-263) | Qubes OS Dear Qubes Community, We have updated Qubes Security Bulletin (QSB) #40: Information leaks due to processor speculative store bypass (XSA-263). The text of the... updateqsbinformationleaksdue https://www.qubes-os.org/news/2021/06/08/qsb-069/ QSB-069: Multiple Xen and Intel issues | Qubes OS We have just published Qubes Security Bulletin (QSB) 069: Multiple Xen and Intel issues. The text of this QSB is reproduced below. This QSB and its... qsbmultiplexenintelissues https://www.qubes-os.org/news/2022/02/11/qsb-076/ QSB-076: Intel microcode updates | Qubes OS We have just published Qubes Security Bulletin (QSB) 076: Intel microcode updates. The text of this QSB is reproduced below. This QSB and its accompanying... qsbintelmicrocodeupdatesqubes https://www.qubes-os.org/news/2018/02/20/qsb-38/ QSB #38: Qrexec policy bypass and possible information leak | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #38: Qrexec policy bypass and possible information leak. The text of this QSB is... qsbpolicybypasspossibleinformation https://www.qubes-os.org/news/2019/12/25/qsb-056/ QSB #056: Insufficient anti-spoofing firewall rules | Qubes OS We have just published Qubes Security Bulletin (QSB) #056: Insufficient anti-spoofing firewall rules. The text of this QSB is reproduced below. This QSB and... anti spoofingfirewall rulesqsbinsufficientqubes https://www.qubes-os.org/news/2022/06/17/qsb-081/ QSB-081: x86: MMIO Stale Data vulnerabilities (XSA-404) | Qubes OS We have just published Qubes Security Bulletin (QSB) 081: x86: MMIO Stale Data vulnerabilities (XSA-404). The text of this QSB is reproduced below. This QSB... qsbstaledatavulnerabilitiesxsa https://www.qubes-os.org/news/2023/07/24/qsb-090/ QSB-090: Zenbleed (CVE-2023-20593, XSA-433) | Qubes OS Note: A newer version of this QSB has been published. See Update for QSB-090: Zenbleed (CVE-2023-20593, XSA-433). We have published Qubes Security Bulletin... qsbcvexsaqubesos https://www.qubes-os.org/news/2024/04/10/qsb-102/ QSB-102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456) |... We have published Qubes Security Bulletin (QSB) 102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/SRSO (XSA-455, XSA-456). The text of this... qsbmultiplespeculativeexecutionvulnerabilities https://www.qubes-os.org/news/2023/08/08/qsb-092/ QSB-092: Buffer overrun in Linux netback driver (XSA-432) | Qubes OS We have published Qubes Security Bulletin 092: Buffer overrun in Linux netback driver (XSA-432). The text of this QSB and its accompanying cryptographic... qsbbufferoverrunlinuxdriver https://www.qubes-os.org/news/2022/03/10/qsb-077/ QSB-077: Multiple speculative security issues (XSA-398) | Qubes OS We have just published Qubes Security Bulletin (QSB) 077: Multiple speculative security issues (XSA-398). The text of this QSB is reproduced below. This QSB... security issuesqsbmultiplespeculativexsa https://www.qubes-os.org/news/2017/10/12/qsb-34/ QSB #34: GUI issue and Xen vulnerabilities (XSA-237 through XSA-244) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #34: GUI issue and Xen vulnerabilities (XSA-237 through XSA-244). The text of this... qsbguiissuexenvulnerabilities https://quakewiki.org/wiki/QSB QSB - Quake Wiki qsbquakewiki https://www.qubes-os.org/news/2023/08/02/qsb-090-update/ Update for QSB-090: Zenbleed (CVE-2023-20593, XSA-433) | Qubes OS We have updated Qubes Security Bulletin 090: Zenbleed (CVE-2023-20593, XSA-433). The text of this updated QSB (including a changelog) and its accompanying... updateqsbcvexsaqubes https://www.qubes-os.org/news/2023/07/27/qsb-091/ QSB-091: Windows PV drivers potentially compromised | Qubes OS We have published Qubes Security Bulletin 091: Windows PV drivers potentially compromised. The text of this QSB and its accompanying cryptographic signatures... qsbwindowspvdriverspotentially https://www.qubes-os.org/news/2018/01/24/qsb-37-update/ Update for QSB #37: Information leaks due to processor speculative execution bugs (XSA-254,... Dear Qubes Community, We have just updated Qubes Security Bulletin (QSB) #37: Information leaks due to processor speculative execution bugs. The text of the... updateqsbinformationleaksdue https://www.qubes-os.org/news/2017/04/04/qsb-29/ QSB #29: Critical Xen bug in PV memory virtualization code (XSA-212) | Qubes OS Dear Qubes community, We have just published Qubes Security Bulletin (QSB) #29: Critical Xen bug in PV memory virtualization code (XSA-212). The current text... qsbcriticalxenbugpv https://www.qubes-os.org/news/2023/11/15/qsb-097/ QSB-097: "Reptar" Intel redundant prefix vulnerability | Qubes OS We have published Qubes Security Bulletin 097: “Reptar” Intel redundant prefix vulnerability. The text of this QSB and its accompanying cryptographic... qsbintelredundantprefixvulnerability https://www.qubes-os.org/news/2018/11/20/qsb-44/ QSB #44: Multiple Xen vulnerabilities (XSA-275, XSA-280) | Qubes OS We have just published Qubes Security Bulletin (QSB) #44: Multiple Xen vulnerabilities (XSA-275, XSA-280). The text of this QSB is reproduced below. This QSB... qsbmultiplexenvulnerabilitiesxsa https://www.qubes-os.org/news/2021/11/24/qsb-074/ QSB-074: Xen issues related to populate-on-demand (XSA-388, XSA-389) | Qubes OS We have just published Qubes Security Bulletin (QSB) 074: Xen issues related to populate-on-demand (XSA-388, XSA-389). The text of this QSB is reproduced... issues relatedqsbxenpopulatedemand https://www.qubes-os.org/news/2019/03/05/qsb-048/ QSB #048: Multiple Xen vulnerabilities | Qubes OS We have just published Qubes Security Bulletin (QSB) #048: Multiple Xen vulnerabilities. The text of this QSB is reproduced below. This QSB and its... qsbmultiplexenvulnerabilitiesqubes https://www.qubes-os.org/news/2022/07/13/qsb-083/ QSB-083: Retbleed: Arbitrary speculative code execution with return instructions (XSA-407) | Qubes... We have just published Qubes Security Bulletin (QSB) 083: Retbleed: Arbitrary speculative code execution with return instructions (XSA-407). The text of this... code executionqsbarbitraryspeculativereturn https://www.qubes-os.org/news/2019/05/15/qsb-049/ QSB #049: Microarchitectural Data Sampling speculative side channel (XSA-297) | Qubes OS We have just published Qubes Security Bulletin (QSB) #049: Microarchitectural Data Sampling speculative side channel (XSA-297). The text of this QSB is... microarchitectural dataside channelqsbsamplingspeculative https://www.qubes-os.org/news/2022/08/06/qsb-084/ QSB-084: Split GPG: GnuPG file descriptor confusion and file existence leak | Qubes OS We have just published Qubes Security Bulletin (QSB) 084: Split GPG: GnuPG file descriptor confusion and file existence leak. The text of this QSB is... qsbsplitgpggnupgfile https://www.qubes-os.org/news/2020/11/10/qsb-061/ QSB #061: Information leak via power sidechannel (XSA-351) | Qubes OS We have just published Qubes Security Bulletin (QSB) #061: Information leak via power sidechannel (XSA-351). The text of this QSB is reproduced below. This QSB... qsbinformationleakviapower https://www.qubes-os.org/news/2018/05/08/qsb-39/ QSB #39: Xen vulnerability (XSA-260) and GUI daemon issue | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #39: Xen vulnerability (XSA-260) and GUI daemon issue. The text of this QSB is... qsbxenvulnerabilityxsagui https://www.qubes-os.org/news/2026/03/17/qsb-110/ QSB-110: Use after free of paging structures in EPT (XSA-480) | Qubes OS We have published Qubes Security Bulletin (QSB) 110: Use after free of paging structures in EPT (XSA-480). The text of this QSB and its accompanying... qsbusefreepagingstructures https://www.qubes-os.org/news/2024/03/18/qsb-101-update/ Update for QSB-101: Register File Data Sampling (XSA-452) and Intel Processor Return Predictions... Update (2024-03-25): Marek Marczykowski-Górecki’s PGP signature is now available. We have updated Qubes Security Bulletin (QSB) 101: Register File Data... file dataintel processorupdateqsbregister https://www.qubes-os.org/news/2022/07/05/qsb-082/ QSB-082: Memory management issues in PV frontend drivers | Qubes OS We have just published Qubes Security Bulletin (QSB) 082: Memory management issues in PV frontend drivers. The text of this QSB is reproduced below. This QSB... memory managementqsbissuespvfrontend https://www.qubes-os.org/news/2024/03/13/qsb-101/ QSB-101: Register File Data Sampling (XSA-452) | Qubes OS Note: A newer version of this QSB has been published. See Update for QSB-101: Register File Data Sampling (XSA-452) and Intel Processor Return Predictions... file dataqsbregistersamplingxsa https://www.qubes-os.org/news/2018/09/02/qsb-43/ QSB #43: L1 Terminal Fault speculative side channel (XSA-273) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #43: L1 Terminal Fault speculative side channel (XSA-273). The text of this QSB is... side channelqsbterminalfaultspeculative https://www.qubes-os.org/news/2021/02/17/qsb-064/ QSB-064: Linux: error handling issues in blkback's grant mapping (XSA-365) | Qubes OS We have just published Qubes Security Bulletin (QSB) 064: Linux: error handling issues in blkback’s grant mapping (XSA-365). The text of this QSB is reproduced... error handlingqsblinuxissuesgrant https://www.qubes-os.org/news/2026/04/19/qsb-112/ QSB-112: Floating Point Divider State Sampling (XSA-488) | Qubes OS We have published Qubes Security Bulletin (QSB) 112: Floating Point Divider State Sampling (XSA-488). The text of this QSB and its accompanying cryptographic... floating pointqsbdividerstatesampling https://www.qubes-os.org/news/2018/08/14/qsb-42/ QSB #42: Linux netback driver OOB access in hash handling (XSA-270) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #42: Linux netback driver OOB access in hash handling (XSA-270). The text of this... qsblinuxdriveroobaccess https://www.qubes-os.org/news/2025/08/14/qsb-109/ QSB-109: Intel microcode updates | Qubes OS We have published Qubes Security Bulletin (QSB) 109: Intel microcode updates. The text of this QSB and its accompanying cryptographic signatures are reproduced... qsbintelmicrocodeupdatesqubes https://www.qubes-os.org/news/2024/01/19/qsb-099/ QSB-099: Qrexec policy leak via policy.RegisterArgument service | Qubes OS We have published Qubes Security Bulletin 099: Qrexec policy leak via policy.RegisterArgument service. The text of this QSB and its accompanying cryptographic... qsbpolicyleakviaservice https://www.qubes-os.org/news/2019/11/26/qsb-054/ QSB #054: Xen fix for XSA-302 found ineffective in Qubes configuration (XSA-306) | Qubes OS We have just published Qubes Security Bulletin (QSB) #054: Xen fix for XSA-302 found ineffective in Qubes configuration (XSA-306). The text of this QSB is... qsbxenfixxsafound https://www.qubes-os.org/news/2021/09/27/qsb-072/ QSB-072: Inconsistent handling of the override-redirect flag | Qubes OS We have just published Qubes Security Bulletin (QSB) 072: Inconsistent handling of the override-redirect flag. The text of this QSB is reproduced below. This... qsbinconsistenthandlingoverrideredirect https://www.qubes-os.org/news/2025/05/15/qsb-107/ QSB-107: Multiple CPU branch prediction vulnerabilities | Qubes OS We have published Qubes Security Bulletin (QSB) 107: Multiple CPU branch prediction vulnerabilities. The text of this QSB and its accompanying cryptographic... qsbmultiplecpubranchprediction https://www.qubes-os.org/news/2017/09/12/qsb-33/ QSB #33: Xen hypervisor (XSA-231 through XSA-234) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #33: Xen hypervisor (XSA-231 through XSA-234). The text of this QSB is reproduced... qsbxenhypervisorxsaqubes https://www.qubes-os.org/news/2017/05/02/qsb-30/ QSB #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214) | Qubes OS Dear Qubes community, We have just published Qubes Security Bulletin (QSB) #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214). The... qsbcriticalxenbugsrelated https://www.qubes-os.org/news/2023/08/09/qsb-093/ QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs (CVE-2023-20569/XSA-434,... We have published Qubes Security Bulletin 093: Transient execution vulnerabilities in AMD and Intel CPUs (CVE-2023-20569/XSA-434, CVE-2022-40982/XSA-435). The... transient executionintel cpusqsbvulnerabilitiesamd https://www.qubes-os.org/news/2021/02/19/qsb-065/ QSB-065: Missed flush in XSA-321 backport (XSA-366) | Qubes OS We have just published Qubes Security Bulletin (QSB) 065: Missed flush in XSA-321 backport (XSA-366). The text of this QSB is reproduced below. This QSB and... qsbmissedflushxsaqubes https://www.osb-qsb.sk/ OSB dosky-QSB,Košice-drevo-stavba-dom-izolácia Predaj OSB dosky, QSB dosky - Košice, Michalovce, Vranov nad Topľov, Sobrance, Sečovce, Moldava nad Bodvou, Rožňava, Prešov, Trebišov, Turňa nad Bodvou, osbdoskyqsbdrevostavba https://www.qubes-os.org/news/2017/11/28/qsb-36/ QSB #36: Xen hypervisor issue in populate-on-demand code (XSA-247) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #36: Xen hypervisor issue in populate-on-demand code (XSA-247). The text of this QSB... qsbxenhypervisorissuepopulate https://www.qubes-os.org/news/2021/08/25/qsb-070/ QSB-070: Xen issues related to grant tables v2 and IOMMU | Qubes OS We have just published Qubes Security Bulletin (QSB) 070: Xen issues related to grant tables v2 and IOMMU. The text of this QSB is reproduced below. This QSB... issues relatedqsbxengranttables https://www.qubes-os.org/news/2017/06/20/qsb-31/ QSB #31: Xen hypervisor vulnerabilities with unresearched impact (XSA 216-224) | Qubes OS Dear Qubes community, We have just published Qubes Security Bulletin (QSB) #31: Xen hypervisor vulnerabilities with unresearched impact (XSA 216-224). The text... qsbxenhypervisorvulnerabilitiesimpact https://www.qubes-os.org/news/2019/12/11/qsb-055/ QSB #055: Issues with PV type change and handling IOMMU on AMD (XSA-310, XSA-311) | Qubes OS We have just published Qubes Security Bulletin (QSB) #055: Issues with PV type change and handling IOMMU on AMD (XSA-310, XSA-311). The text of this QSB is... qsbissuespvtypechange https://www.qubes-os.org/news/2022/04/05/qsb-079/ QSB-079: Two IOMMU-related Xen issues (XSA-399, XSA-400) | Qubes OS We have just published Qubes Security Bulletin (QSB) 079: Two IOMMU-related Xen issues (XSA-399, XSA-400). The text of this QSB is reproduced below. This QSB... qsbtworelatedxenissues https://www.qubes-os.org/news/2019/07/24/qsb-050/ QSB #050: Reinstalling a TemplateVM does not reset the private volume | Qubes OS Update 2019-08-01: Fixed packages are now available. QSB #050 has been updated accordingly. We have just published Qubes Security Bulletin (QSB) #050:... qsbresetprivatevolumequbes https://www.qubes-os.org/news/2023/10/10/qsb-095/ QSB-095: Missing IOMMU TLB flushing on x86 AMD systems | Qubes OS We have published Qubes Security Bulletin 095: Missing IOMMU TLB flushing on x86 AMD systems. The text of this QSB and its accompanying cryptographic... qsbmissingtlbflushingamd https://www.qubes-os.org/news/2020/10/20/qsb-060/ QSB #060: Multiple Xen issues (XSA-345, XSA-346, XSA-347) | Qubes OS We have just published Qubes Security Bulletin (QSB) #060: Multiple Xen issues (XSA-345, XSA-346, XSA-347). The text of this QSB is reproduced below. This QSB... qsbmultiplexenissuesxsa https://www.qubes-os.org/news/2019/02/19/qsb-47/ QSB #47: Insecure default DisposableVM networking configuration | Qubes OS We have just published Qubes Security Bulletin (QSB) #47: Insecure default DisposableVM networking configuration. The text of this QSB is reproduced below.... qsbinsecuredefaultnetworkingconfiguration https://www.qubes-os.org/news/2023/12/15/qsb-098/ QSB-098: CPU microcode updates not loaded with dom0 kernel version 6.6.x | Qubes OS We have published Qubes Security Bulletin 098: CPU microcode updates not loaded with dom0 kernel version 6.6.x. The text of this QSB and its accompanying... qsbcpumicrocodeupdatesloaded https://www.qubes-os.org/news/2024/10/17/qsb-105/ QSB-105: Missing enforced decorations for stubdomain windows under KDE | Qubes OS We have published Qubes Security Bulletin (QSB) 105: Missing enforced decorations for stubdomain windows under KDE. The text of this QSB and its accompanying... qsbmissingenforceddecorationswindows https://www.qubes-os.org/news/2024/11/12/qsb-106/ QSB-106: Information disclosure through uninitialized memory in libxl | Qubes OS We have published Qubes Security Bulletin (QSB) 106: Information disclosure through uninitialized memory in libxl. The text of this QSB and its accompanying... information disclosureqsbmemoryqubes https://www.qubes-os.org/news/2026/04/15/qsb-111/ QSB-111: xfce4-screensaver login bypass | Qubes OS We have published Qubes Security Bulletin (QSB) 111: xfce4-screensaver login bypass. The text of this QSB and its accompanying cryptographic signatures are... qsbscreensaverbypassqubesos https://www.qubes-os.org/news/2017/10/25/qsb-35/ QSB #35: Xen hypervisor issue related to grant tables (XSA-236) | Qubes OS Dear Qubes Community, We have published Qubes Security Bulletin (QSB) #35: Xen hypervisor issue related to grant tables (XSA-236). The text of this QSB is... qsbxenhypervisorissuerelated https://docs.zephyrproject.org/latest/boards/nxp/imx91_qsb/doc/index.html i.MX91 QSB — Zephyr Project Documentation zephyr projectqsbdocumentation https://www.qubes-os.org/news/2023/09/27/qsb-094/ QSB-094: x86/AMD: Divide speculative information leak | Qubes OS We have published Qubes Security Bulletin 094: x86/AMD: Divide speculative information leak. The text of this QSB and its accompanying cryptographic signatures... qsbamddividespeculativeinformation https://www.qubes-os.org/news/2023/11/14/qsb-096/ QSB-096: BTC/SRSO fixes not fully effective (XSA-446) | Qubes OS We have published Qubes Security Bulletin 096: BTC/SRSO fixes not fully effective (XSA-446). The text of this QSB and its accompanying cryptographic signatures... qsbbtcsrsofixesfully https://www.qubes-os.org/news/2017/08/15/qsb-32/ QSB #32: Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through XSA-230) | Qubes OS Dear Qubes Community, We have just published Qubes Security Bulletin (QSB) #32: Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through XSA-230). The... linux kernelqsbxenhypervisorvulnerabilities https://www.qubes-os.org/news/2024/07/16/qsb-103/ QSB-103: Double unlock in x86 guest IRQ handling (XSA-458) | Qubes OS We have published Qubes Security Bulletin (QSB) 103: Double unlock in x86 guest IRQ handling (XSA-458). The text of this QSB and its accompanying cryptographic... qsbdoubleunlockguesthandling https://www.qubes-os.org/news/2020/06/11/qsb-057/ QSB #057: Special Register Buffer speculative side channel (XSA-320) | Qubes OS We have just published Qubes Security Bulletin (QSB) #057: Special Register Buffer speculative side channel (XSA-320). The text of this QSB is reproduced... side channelqsbspecialregisterbuffer https://www.qubes-os.org/news/2021/03/03/qsb-066/ QSB-066: XML injection through libvirt domain configuration | Qubes OS We have just published Qubes Security Bulletin (QSB) 066: XML injection through libvirt domain configuration. The text of this QSB is reproduced below. This... domain configurationqsbxmlinjectionlibvirt https://www.qubes-os.org/news/2023/05/11/qsb-089/ QSB-089: Qrexec: Memory corruption in service request handling | Qubes OS We have published Qubes Security Bulletin (QSB) 089: Qrexec: Memory corruption in service request handling. The text of this QSB and its accompanying... service requestqsbmemorycorruptionhandling