x86: mismatched mapcache metadata

ISSUE DESCRIPTION Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. IMPACT Privilege escalation, Denial of...

SUSE-SU-2023:3832-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145...

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption

Xen: PV guest on non-SELFSNOOP CPUs can validate non-coherent L2 pagetable I'm not sure whether there are any major users of unshimmed Xen PV left, but https://xenbits.xen.org/docs/unstable/support-matrix.html says it's still a security-supported usecase for 64-bit guests. Tested on Debian's Xen...

OPENSUSE-SU-2021:0723-1 Security update for virtualbox

This update for virtualbox fixes the following issues: virtualbox was updated to 6.1.22 released April 29 2021 by Oracle This is a maintenance release. The following items were fixed and/or added: - VMM: Improved performance of 64-bit Windows and Solaris guests when Hyper-V is used on recent...

DEBIAN-CVE-2016-10013

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation...

CVE-2011-1166

Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service host crash by specifying user mode execution without user-mode pagetables...

CVE-2013-4356

Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service crash...