Lucene search
+L

13 matches found

OpenVAS
OpenVAS
added 2022/10/20 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2022:3665-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2021/06/11 3:15 p.m.37 views

CVE-2021-28689

x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...

5.5CVSS0.00375EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/06/11 3:15 p.m.43 views

CVE-2021-28689

x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...

5.5CVSS6.2AI score0.00375EPSS
Exploits0References2
CVE
CVE
added 2021/06/11 2:53 p.m.81 views

CVE-2021-28689

CVE-2021-28689 concerns the Xen hypervisor. The issue affects 32-bit PV guests running in ring 1 on x86, where 32-bit PV guest kernels were paravirtualised in the original design. The underlying cause is speculative execution side-channel risk in this ring, with Indirect Branch Restricted Specula...

5.5CVSS6.7AI score0.00375EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/11 2:53 p.m.36 views

CVE-2021-28689

x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...

7.5AI score0.00375EPSS
Exploits0References1
Xen Project
Xen Project
added 2021/05/04 12:0 p.m.71 views

x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests

ISSUE DESCRIPTION 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to virtualization. In AMD64, Xen had to use a different...

5.5CVSS0.5AI score0.00375EPSS
Exploits0
Xen Project
Xen Project
added 2017/05/02 12:0 p.m.61 views

x86: 64bit PV guest breakout via pagetable use-after-mode-change

ISSUE DESCRIPTION 64-bit PV guests typically use separate root page tables for their kernel and user modes. Hypercalls are accessible to guest kernel context only, which certain hypercall handlers make assumptions on. The IRET hypercall replacing the identically name CPU instruction is used by...

8.8CVSS6.7AI score0.0049EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/12/05 12:0 a.m.53 views

FreeBSD : xen-kernel -- x86: Disallow L3 recursive pagetable for 32-bit PV guests (45ca25b5-ba4d-11e6-ae1b-002590263bf5)

The Xen Project reports : On real hardware, a 32-bit PAE guest must leave the USER and RW bit clear in L3 pagetable entries, but the pagetable walk behaves as if they were set. The L3 entries are cached in processor registers, and don't actually form part of the pagewalk. When running a 32-bit PV...

8.2CVSS7.6AI score0.00402EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/11/15 12:0 a.m.44 views

Fedora 25 : xen (2016-1d8429b89f)

fix build problem with glibc 2.24 x86: Disallow L3 recursive pagetable for 32-bit PV guests XSA-185, CVE-2016-7092 x86: Mishandling of instruction pointer truncation during emulation XSA-186, CVE-2016-7093 x86 HVM: Overflow of shctxt-segreg XSA-187, CVE-2016-7094 pandoc documentation has dependen...

8.2CVSS6.3AI score0.00425EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/09/22 12:0 a.m.36 views

Fedora 23 : xen (2016-1c3374bcb9)

x86: Disallow L3 recursive pagetable for 32-bit PV guests XSA-185, CVE-2016-7092 1374470 x86: Mishandling of instruction pointer truncation during emulation XSA-186, CVE-2016-7093 1374471 x86 HVM: Overflow of shctxt-segreg XSA-187, CVE-2016-7094 1374473 Note that Tenable Network Security has...

8.2CVSS6.3AI score0.00425EPSS
Exploits0References4
Xen Project
Xen Project
added 2016/09/08 12:0 p.m.38 views

x86: Disallow L3 recursive pagetable for 32-bit PV guests

ISSUE DESCRIPTION On real hardware, a 32-bit PAE guest must leave the USER and RW bit clear in L3 pagetable entries, but the pagetable walk behaves as if they were set. The L3 entries are cached in processor registers, and don't actually form part of the pagewalk. When running a 32-bit PV guest o...

8.2CVSS0.2AI score0.00402EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2016/09/08 12:0 a.m.39 views

xen-kernel -- x86: Disallow L3 recursive pagetable for 32-bit PV guests

The Xen Project reports: On real hardware, a 32-bit PAE guest must leave the USER and RW bit clear in L3 pagetable entries, but the pagetable walk behaves as if they were set. The L3 entries are cached in processor registers, and don't actually form part of the pagewalk. When running a 32-bit PV...

8.2CVSS2AI score0.00402EPSS
Exploits0References1
Xen Project
Xen Project
added 2015/06/11 12:0 p.m.97 views

vulnerability in the iret hypercall handler

ISSUE DESCRIPTION A buggy loop in Xen's compatiret function iterates the wrong way around a 32-bit index. Any 32-bit PV guest kernel can trigger this vulnerability by attempting a hypercalliret with EFLAGS.VM set. Given the use of get/putuser, and that the virtual addresses in question are...

4.9CVSS6.6AI score0.00437EPSS
Exploits0Affected Software1
Rows per page
Query Builder