Qubes security bulletins (QSBs)

A Qubes security bulletin (QSB) is a security announcement issued by the Qubes security team through the Qubes security pack. A QSB typically provides a summary and impact analysis of one or more recently-discovered software vulnerabilities, including details about patching to address them. For Xen security advisories (XSAs), see the XSA tracker.

Full list

Date Qubes security bulletin
2024-04-09 QSB-102: Multiple speculative-execution vulnerabilities: Spectre-BHB, BTC/...
2024-03-12 QSB-101: Register File Data Sampling (XSA-452)
2024-01-30 QSB-100: Incorrect handling of PCI devices with phantom functions (XSA-449)
2024-01-19 QSB-099: Qrexec policy leak via policy.RegisterArgument service
2023-12-15 QSB-098: CPU microcode updates not loaded with dom0 kernel version 6.6.x
2023-11-14 QSB-097: "Reptar" Intel redundant prefix vulnerability
2023-11-14 QSB-096: BTC/SRSO fixes not fully effective (XSA-446)
2023-10-10 QSB-095: Missing IOMMU TLB flushing on x86 AMD systems
2023-09-27 QSB-094: x86/AMD: Divide speculative information leak
2023-08-09 QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs
2023-08-08 QSB-092: Buffer overrun in Linux netback driver (XSA-432)
2023-07-26 QSB-091: Windows PV drivers potentially compromised
2023-07-24 QSB-090: Zenbleed (CVE-2023-20593, XSA-433)
2023-05-11 QSB-089: Qrexec: Memory corruption in service request handling
2023-03-21 QSB-088: Two Xen issues affecting PV (stub-)domains (XSA-428, XSA-429)
2022-11-23 QSB-087: Qrexec: Injection of unsanitized data into log output
2022-11-08 QSB-086: Speculative security issues on AMD CPUs (XSA-422)
2022-11-01 QSB-085: Xenstore: Guests can crash xenstored (XSA-414)
2022-08-06 QSB-084: Split GPG: GnuPG file descriptor confusion and file existence leak
2022-07-13 QSB-083: Retbleed: Arbitrary speculative code execution with return instru...
2022-07-05 QSB-082: Memory management issues in PV frontend drivers
2022-06-17 QSB-081: x86: MMIO Stale Data vulnerabilities (XSA-404)
2022-06-09 QSB-080: Issues with PV domains and PCI passthrough (XSA-401, XSA-402)
2022-04-05 QSB-079: Two IOMMU-related Xen issues (XSA-399, XSA-400)
2022-03-10 QSB-078: Linux kernel PV driver issues and LVM misconfiguration
2022-03-09 QSB-077: Multiple speculative security issues (XSA-398)
2022-02-11 QSB-076: Intel microcode updates
2022-01-25 QSB-075: Insufficient cleanup of passed-through device IRQs (XSA-395)
2021-11-23 QSB-074: Xen issues related to populate-on-demand (XSA-388, XSA-389)
2021-10-15 QSB-073: Race condition when setting override-redirect flag
2021-09-27 QSB-072: Inconsistent handling of the override-redirect flag
2021-09-09 QSB-071: Fatal options filtering flaw in Split GPG
2021-08-25 QSB-070: Xen issues related to grant tables v2 and IOMMU
2021-06-08 QSB-069: Multiple Xen and Intel issues
2021-06-04 QSB-068: Disconnecting a video output can cause XScreenSaver to crash
2021-03-19 QSB-067: Multiple RPM vulnerabilities
2021-03-03 QSB-066: XML injection through libvirt domain configuration
2021-02-18 QSB-065: Missed flush in XSA-321 backport (XSA-366)
2021-02-16 QSB-064: Linux: error handling issues in blkback's grant mapping (XSA-365)
2020-12-15 QSB-063: Multiple Xen issues (XSA-115, XSA-325, XSA-350)
2020-11-24 QSB-062: Stack corruption from XSA-346 change (XSA-355)
2020-11-10 QSB-061: Information leak via power sidechannel (XSA-351)
2020-10-20 QSB-060: Multiple Xen issues (XSA-345, XSA-346, XSA-347)
2020-09-22 QSB-059: Multiple Xen issues (XSA-337, XSA-340, XSA-343)
2020-07-07 QSB-058: Insufficient cache write-back under VT-d (XSA-321)
2020-06-11 QSB-057: Special Register Buffer speculative side channel (XSA-320)
2019-12-25 QSB-056: Insufficient anti-spoofing firewall rules
2019-12-11 QSB-055: Issues with PV type change and handling IOMMU on AMD (XSA-310, XS...
2019-11-26 QSB-054: Xen fix for XSA-302 found ineffective in Qubes configuration (XSA...
2019-11-13 QSB-053: TSX Asynchronous Abort speculative side channel (XSA-305)
2019-10-31 QSB-052: Xen issues affecting PCI passthrough and PV domains (XSA-299, XSA...
2019-09-10 QSB-051: Insufficient validation of backup compression filter on restore
2019-07-24 QSB-050: Reinstalling a TemplateVM does not reset the private volume
2019-05-15 QSB-049: Microarchitectural Data Sampling speculative side channel (XSA-297)
2019-03-05 QSB-048: Multiple Xen vulnerabilities
2019-02-19 QSB-047: Insecure default DisposableVM networking configuration
2019-01-23 QSB-046: APT update mechanism vulnerability
2018-12-03 QSB-045: Insecure default Salt configuration
2018-11-20 QSB-044: Multiple Xen vulnerabilities (XSA-275, XSA-280)
2018-09-02 QSB-043: L1 Terminal Fault speculative side channel (XSA-273)
2018-08-14 QSB-042: Linux netback driver OOB access in hash handling (XSA-270)
2018-06-13 QSB-041: Speculative register leakage from lazy FPU context switching (XSA...
2018-05-24 QSB-040: Information leaks due to processor speculative store bypass (XSA-...
2018-05-08 QSB-039: Xen vulnerability (XSA-260) and GUI daemon issue
2018-02-20 QSB-038: Qrexec policy bypass and possible information leak
2018-01-11 QSB-037: Information leaks due to processor speculative execution bugs
2017-11-28 QSB-036: Xen hypervisor issue in populate-on-demand code (XSA-247)
2017-10-24 QSB-035: Xen hypervisor issue related to grant tables (XSA-236)
2017-10-12 QSB-034: GUI issue and Xen vulnerabilities (XSA-237 through XSA-244)
2017-09-12 QSB-033: Xen hypervisor (XSA-231 through XSA-234)
2017-08-15 QSB-032: Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through ...
2017-06-20 QSB-031: Xen hypervisor vulnerabilities with unresearched impact (XSA 216-...
2017-05-02 QSB-030: Critical Xen bugs related to PV memory virtualization (XSA-213, X...
2017-04-04 QSB-029: Critical Xen bug in PV memory virtualization code (XSA-212)
2016-12-19 QSB-028: Debian update mechanism vulnerability
2016-11-22 QSB-027: Xen 64-bit bit test instruction emulation broken (XSA 195)
2016-09-19 QSB-026: Colored window border handling bug in Qubes GUI daemon
2016-09-08 QSB-025: Xen bug in event channel handling code (XSA 188)
2016-07-26 QSB-024: Critical Xen bug in PV memory virtualization code (XSA 182)
2015-12-17 QSB-023: Race condition bugs in Xen code (XSA-155 and XSA-166), other Xen ...
2015-10-29 QSB-022: Critical Xen bug in PV memory virtualization code (XSA 148)
2015-07-27 QSB-021: Anti Evil Maid bypass through filesystem ID collision
2015-07-27 QSB-020: Fedora os-prober considered harmful
2015-07-13 QSB-019: Anti Evil Maid bypass through unusual LUKS header
2015-03-10 QSB-018: Xen Hypervisor Instruction Emulation Bug (XSA 123)
2015-03-10 QSB-017: Xen DoS from malicious driver domains or devices (XSA 120 & 124)
2015-03-05 QSB-016: Xen Hypervisor Information Leaks Vulnerabilities (XSA 121 & 122)
2015-01-21 QSB-015: Critical Xen Hypervisor Vulnerability (XSA 109)
2015-01-20 QSB-014: Race condition in Qubes Inter-VM File-Copy Mechanism
2015-01-05 QSB-013: Qubes Clipboard Timing Attacks and Qubes Core Python API Inconsis...
2014-10-01 QSB-012: Memory leak in Xen hypervisor via RDMSR emulation bug (XSA 108)
2014-09-10 QSB-011: Qubes clipboard inter-VM leak
2014-02-06 QSB-010: Qubes pulseaudio & vchan bugs, Xen XSA 87
2014-01-09 QSB-009: Qubes qvm-open-in-[d]vm environment inter-VM leak
2013-06-26 QSB-008: Xen hypervisor bugs: XSA 45,58 potential DoS
2013-06-21 QSB-007: Xen hypervisor bugs: XSA 57 potential escalation, also XSA 52-54 ...
2013-05-07 QSB-006: Xen hypervisor bugs: XSA 50, others with DoS potential
2012-12-04 QSB-005: Xen hypervisor bugs: XSA 29, others with DoS potential
2012-09-28 QSB-004: Qubes firewall misconfiguration: ipv6 allowed
2012-09-11 QSB-003: Xen hypervisor bugs: XSA 13, others with DoS potential
2012-06-12 QSB-002: Intel SYSRET bug
2011-05-12 QSB-001: Gui daemon bug, Intel VT-d escape on non-IR hardware