The Xen Project has released one or more Xen Security Advisories (XSAs). The security of Qubes OS is affected. Therefore, user action is required.

XSAs that affect the security of Qubes OS (user action required)

The following XSAs do affect the security of Qubes OS:

  • XSA-388
  • XSA-389

Please see QSB-074 for the actions users must take in order to protect themselves, as well as further details about these XSAs:

https://www.qubes-os.org/news/2021/11/24/qsb-074/

XSAs that do not affect the security of Qubes OS (no user action required)

The following XSAs do not affect the security of Qubes OS, and no user action is necessary:

  • XSA-385 (DoS only; Qubes has BIGMEM disabled)
  • XSA-387 (Qubes has grant tables v2 disabled)