22 matches found
EUVD-2019-8194
Malware in sbrugna...
EUVD-2016-7972
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-18425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missin...
SUSE CVE-2013-0190
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...
SUSE CVE-2014-3716
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel...
SUSE CVE-2019-18425
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...
CVE-2021-28699
Inadequate grant-v2 status frames array bounds check. The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...
CVE-2019-18425
A flaw was found in Xen. Guest-specified limits for descriptor table access, during PV guest operations, were found to not be enforced. An attacker with the ability to emulate 32-bit guest user mode calls through call gates would be allowed to install and then use descriptors of their choice as long a...
Xen Project Descriptor Table Limit Checking Privilege Escalation Vulnerability (XSA-298)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a privilege escalation vulnerability due to improper bounds checking for descriptor table accesses. An authenticated attacker, in user mode on a 32-bit guest, could leverage this...
DEBIAN-CVE-2019-18425
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...
PT-2019-4839 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions 3.2 through 4.12.x. Description: The issue is related to an error in the x86 PV emulation of the Xen hypervisor, specifically a missing check for the descriptor table limit. This could allow a remote attacker to access confidentia...
CVE-2016-6259
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check...
CVE-2014-3716
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel...
Design/Logic Flaw
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel...
Buffer overflow
Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB...
CVE-2014-3716
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel...
CVE-2014-3715
Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB...
CVE-2014-3716
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel...
CVE-2014-3715
CVE-2014-3715 : A buffer overflow in Xen 4.4.x occurs when processing a crafted 32-bit guest kernel, related to searching for an appended DTB. This can allow local users to read system memory or cause a denial of service (crash). The connected documents do not specify a remediation or patch versi...
RHEL 5 : kernel (RHSA-2009:1106)
The remote Red Hat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1106 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: several flaws were found in the way th...