Qubes security bulletins (QSBs)

A Qubes security bulletin (QSB) is a security announcement issued by the Qubes security team through the Qubes security pack. A QSB typically provides a summary and impact analysis of one or more recently discovered software vulnerabilities, including details about patching to address them. For Xen security advisories (XSAs), see the XSA tracker.

Full list

Date Qubes security bulletin
2022-11-23 QSB #087: Qrexec: Injection of unsanitized data into log output
2022-11-08 QSB #086: Speculative security issues on AMD CPUs (XSA-422)
2022-11-01 QSB #085: Xenstore: Guests can crash xenstored (XSA-414)
2022-08-06 QSB #084: Split GPG: GnuPG file descriptor confusion and file existence leak
2022-07-13 QSB #083: Retbleed: Arbitrary speculative code execution with return instru...
2022-07-05 QSB #082: Memory management issues in PV frontend drivers
2022-06-17 QSB #081: x86: MMIO Stale Data vulnerabilities (XSA-404)
2022-06-09 QSB #080: Issues with PV domains and PCI passthrough (XSA-401, XSA-402)
2022-04-05 QSB #079: Two IOMMU-related Xen issues (XSA-399, XSA-400)
2022-03-10 QSB #078: Linux kernel PV driver issues and LVM misconfiguration
2022-03-09 QSB #077: Multiple speculative security issues (XSA-398)
2022-02-11 QSB #076: Intel microcode updates
2022-01-25 QSB #075: Insufficient cleanup of passed-through device IRQs (XSA-395)
2021-11-23 QSB #074: Xen issues related to populate-on-demand (XSA-388, XSA-389)
2021-10-15 QSB #073: Race condition when setting override-redirect flag
2021-09-27 QSB #072: Inconsistent handling of the override-redirect flag
2021-09-09 QSB #071: Fatal options filtering flaw in Split GPG
2021-08-25 QSB #070: Xen issues related to grant tables v2 and IOMMU
2021-06-08 QSB #069: Multiple Xen and Intel issues
2021-06-04 QSB #068: Disconnecting a video output can cause XScreenSaver to crash
2021-03-19 QSB #067: Multiple RPM vulnerabilities
2021-03-03 QSB #066: XML injection through libvirt domain configuration
2021-02-18 QSB #065: Missed flush in XSA-321 backport (XSA-366)
2021-02-16 QSB #064: Linux: error handling issues in blkback's grant mapping (XSA-365)
2020-12-15 QSB #063: Multiple Xen issues (XSA-115, XSA-325, XSA-350)
2020-11-24 QSB #062: Stack corruption from XSA-346 change (XSA-355)
2020-11-10 QSB #061: Information leak via power sidechannel (XSA-351)
2020-10-20 QSB #060: Multiple Xen issues (XSA-345, XSA-346, XSA-347)
2020-09-22 QSB #059: Multiple Xen issues (XSA-337, XSA-340, XSA-343)
2020-07-07 QSB #058: Insufficient cache write-back under VT-d (XSA-321)
2020-06-11 QSB #057: Special Register Buffer speculative side channel (XSA-320)
2019-12-25 QSB #056: Insufficient anti-spoofing firewall rules
2019-12-11 QSB #055: Issues with PV type change and handling IOMMU on AMD (XSA-310, XS...
2019-11-26 QSB #054: Xen fix for XSA-302 found ineffective in Qubes configuration (XSA...
2019-11-13 QSB #053: TSX Asynchronous Abort speculative side channel (XSA-305)
2019-10-31 QSB #052: Xen issues affecting PCI passthrough and PV domains (XSA-299, XSA...
2019-09-10 QSB #051: Insufficient validation of backup compression filter on restore
2019-07-24 QSB #050: Reinstalling a TemplateVM does not reset the private volume
2019-05-15 QSB #049: Microarchitectural Data Sampling speculative side channel (XSA-297)
2019-03-05 QSB #048: Multiple Xen vulnerabilities
2019-02-19 QSB #047: Insecure default DisposableVM networking configuration
2019-01-23 QSB #046: APT update mechanism vulnerability
2018-12-03 QSB #045: Insecure default Salt configuration
2018-11-20 QSB #044: Multiple Xen vulnerabilities (XSA-275, XSA-280)
2018-09-02 QSB #043: L1 Terminal Fault speculative side channel (XSA-273)
2018-08-14 QSB #042: Linux netback driver OOB access in hash handling (XSA-270)
2018-06-13 QSB #041: Speculative register leakage from lazy FPU context switching (XSA...
2018-05-24 QSB #040: Information leaks due to processor speculative store bypass (XSA-...
2018-05-08 QSB #039: Xen vulnerability (XSA-260) and GUI daemon issue
2018-02-20 QSB #038: Qrexec policy bypass and possible information leak
2018-01-11 QSB #037: Information leaks due to processor speculative execution bugs
2017-11-28 QSB #036: Xen hypervisor issue in populate-on-demand code (XSA-247)
2017-10-24 QSB #035: Xen hypervisor issue related to grant tables (XSA-236)
2017-10-12 QSB #034: GUI issue and Xen vulnerabilities (XSA-237 through XSA-244)
2017-09-12 QSB #033: Xen hypervisor (XSA-231 through XSA-234)
2017-08-15 QSB #032: Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through ...
2017-06-20 QSB #031: Xen hypervisor vulnerabilities with unresearched impact (XSA 216-...
2017-05-02 QSB #030: Critical Xen bugs related to PV memory virtualization (XSA-213, X...
2017-04-04 QSB #029: Critical Xen bug in PV memory virtualization code (XSA-212)
2016-12-19 QSB #028: Debian update mechanism vulnerability
2016-11-22 QSB #027: Xen 64-bit bit test instruction emulation broken (XSA 195)
2016-09-19 QSB #026: Colored window border handling bug in Qubes GUI daemon
2016-09-08 QSB #025: Xen bug in event channel handling code (XSA 188)
2016-07-26 QSB #024: Critical Xen bug in PV memory virtualization code (XSA 182)
2015-12-17 QSB #023: Race condition bugs in Xen code (XSA-155 and XSA-166), other Xen ...
2015-10-29 QSB #022: Critical Xen bug in PV memory virtualization code (XSA 148)
2015-07-27 QSB #021: Anti Evil Maid bypass through filesystem ID collision
2015-07-27 QSB #020: Fedora os-prober considered harmful
2015-07-13 QSB #019: Anti Evil Maid bypass through unusual LUKS header
2015-03-10 QSB #018: Xen Hypervisor Instruction Emulation Bug (XSA 123)
2015-03-10 QSB #017: Xen DoS from malicious driver domains or devices (XSA 120 & 124)
2015-03-05 QSB #016: Xen Hypervisor Information Leaks Vulnerabilities (XSA 121 & 122)
2015-01-21 QSB #015: Critical Xen Hypervisor Vulnerability (XSA 109)
2015-01-20 QSB #014: Race condition in Qubes Inter-VM File-Copy Mechanism
2015-01-05 QSB #013: Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsis...
2014-10-01 QSB #012: Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108)
2014-09-10 QSB #011: Qubes clipboard inter-VM leak
2014-02-06 QSB #010: Qubes pulseaudio & vchan bugs, Xen XSA 87
2014-01-09 QSB #009: Qubes qvm-open-in-[d]vm environment inter-VM leak
2013-06-26 QSB #008: Xen hypervisor bugs: XSA 45,58 potential DoS
2013-06-21 QSB #007: Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 ...
2013-05-07 QSB #006: Xen hypervisor bugs: XSA 50, others with DoS potential
2012-12-04 QSB #005: Xen hypervisor bugs: XSA 29, others with DoS potential
2012-09-28 QSB #004: Qubes firewall misconfiguration: ipv6 allowed
2012-09-11 QSB #003: Xen hypervisor bugs: XSA 13, others with DoS potential
2012-06-12 QSB #002: Intel SYSRET bug
2011-05-12 QSB #001: Gui daemon bug, Intel VT-d escape on non-IR hardware