18 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-18425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missin...
CVE-2019-18425
creationtimestamp| type| source ---|---|--- 2024-02-01 10:12:02+00:00| seen| https://t.me/ctinow/177440...
Mageia: Security Advisory (MGASA-2020-0113)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2960-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3297-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2962-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2020:14448-1 Security update for xen
This update for xen fixes the following issues: - bsc1174543 - secure boot related fixes - bsc1163019 - CVE-2020-8608: potential OOB access due to unsafe snprintf usages - bsc1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy - bsc1168140 - CVE-2020-11740, CVE-2020-11741: multipl...
GLSA-202003-56 : Xen: Multiple vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote host is affected by the vulnerability described in GLSA-202003-56 Xen: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. Impact : A local attacker could potentially gain privileges on the host system...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:0388-1)
This update for xen fixes the following issues : CVE-2018-12207: Fixed a race condition where untrusted virtual machines could have been using the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional bsc1155945...
SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)
This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...
SUSE-SU-2019:3297-1 Security update for xen
This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. - CVE-2019-19583: Fixed...
Fedora 31 : xen (2019-376ec5c107)
add missing XSA-299 patches ---- x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 ---- VCPUOPinitialise DoS XSA-296, CVE-2019-18420 missing descriptor table limit checking in x86 PV emulation XSA-298,...
openSUSE Security Update : xen (openSUSE-2019-2506)
This update for xen fixes the following issues : - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...
openSUSE Security Update : xen (openSUSE-2019-2508)
This update for xen fixes the following issues : - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...
OPENSUSE-SU-2019:2506-1 Security update for xen
This update for xen fixes the following issues: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:2960-1)
This update for xen fixes the following issues : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945...
SUSE-SU-2019:2960-1 Security update for xen
This update for xen fixes the following issues: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...
CVE-2019-18425
CVE-2019-18425 affects Xen across 3.2+ and enables privilege escalation in 32-bit PV guests due to missing descriptor table limit checks in x86 PV emulation. The vulnerability is limited to 32-bit PV guest user mode; HVM/PVH/64-bit PV guests and ARM are not affected. Exploitation would let a gues...