Lucene search
K

24 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.8 views

SUSE CVE-2016-3158

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOT...

3.8CVSS6.1AI score0.0041EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2013-0197)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS4.9AI score0.01058EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2013:1314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS4.9AI score0.00562EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2013:1075-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS5AI score0.01058EPSS
Exploits0References2
Prion
Prion
added 2016/04/13 4:59 p.m.34 views

Information disclosure

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOT...

1.7CVSS3.9AI score0.00496EPSS
Exploits0References10Affected Software3
Prion
Prion
added 2016/04/13 4:59 p.m.31 views

Design/Logic Flaw

The fpufxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits...

1.7CVSS3.9AI score0.00496EPSS
Exploits0References9Affected Software4
Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.45 views

OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0068 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...

8.3CVSS7AI score0.99999EPSS
Exploits13References68
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.36 views

OracleVM 3.2 : xen (OVMSA-2013-0042)

The remote OracleVM system is missing necessary patches to address critical security updates : - Other than the HVM emulation path, the PV case so far failed to check that YMM state requires SSE state to be enabled, allowing for a GP to occur upon passing the inputs to XSETBV inside the hyperviso...

5.2CVSS5.7AI score0.00531EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.32 views

OracleVM 3.1 : xen (OVMSA-2013-0043)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/xsave: properly check guest input to XSETBV Other than the HVM emulation path, the PV case so far failed to check that YMM state requires SSE state to be enabled, allowing for a GP to occur upon...

5.2CVSS5.7AI score0.00531EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/08/19 12:0 a.m.34 views

Debian DSA-3006-1 : xen - security update

Multiple security issues have been discovered in the Xen virtualisation solution which may result in information leaks or denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

7.4CVSS5.6AI score0.0081EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.54 views

openSUSE Security Update : xen (openSUSE-SU-2013:1392-1)

XEN was updated to 4.1.5 release. It fixes various bugs and security issues. Issues fixed separately from the 4.1.5 release : - bnc824676 - Failed to setup devices for vm instance when start multiple vms simultaneously - bncXXXXXX - xen: CVE-2013-XXXX: XSA-61: suppress device assignment to HVM...

7.4CVSS5.6AI score0.01058EPSS
Exploits0References32
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.18 views

Fedora Update for xen FEDORA-2013-22312

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.4AI score0.04904EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.25 views

Fedora Update for xen FEDORA-2013-16371

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.4AI score0.04904EPSS
Exploits0References2
OSV
OSV
added 2013/08/28 9:55 p.m.10 views

CVE-2013-2076

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged t...

4.9AI score
Exploits0References5
CVE
CVE
added 2013/08/28 5:0 p.m.85 views

CVE-2013-2076

CVE-2013-2076 affects Xen on AMD64: when running Xen 4.0.x/4.1.x/4.2.x on AMD64, FXSAVE/FXRSTOR saves only some x87/FPU state during a pending exception, enabling a domain to glean parts of another domain’s floating-point state and potentially sensitive data (e.g., cryptographic keys). Related fo...

4.3CVSS4.1AI score0.00496EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.38 views

Fedora 19 : xen-4.2.2-6.fc19 (2013-9986)

Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-52, CVE-2013-2076 970206 Hypervisor crash due to missing exception recovery on XRSTOR XSA-53, CVE-2013-2077 970204 Hypervisor crash due to missing exception recovery on XSETBV XSA-54, CVE-2013-2078 970202 Multiple vulnerabilities in libelf PV...

5.2CVSS5.6AI score0.00531EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.33 views

Fedora 17 : xen-4.1.5-5.fc17 (2013-10247)

Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-52, CVE-2013-2076 970206 Hypervisor crash due to missing exception recovery on XRSTOR XSA-53, CVE-2013-2077 970204 Hypervisor crash due to missing exception recovery on XSETBV XSA-54, CVE-2013-2078 970202 Multiple vulnerabilities in libelf PV...

5.2CVSS5.6AI score0.00531EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.31 views

Fedora 18 : xen-4.2.2-6.fc18 (2013-10136)

Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-52, CVE-2013-2076 970206 Hypervisor crash due to missing exception recovery on XRSTOR XSA-53, CVE-2013-2077 970204 Hypervisor crash due to missing exception recovery on XSETBV XSA-54, CVE-2013-2078 970202 Multiple vulnerabilities in libelf PV...

5.2CVSS5.6AI score0.00531EPSS
Exploits0References8
Mageia
Mageia
added 2013/07/01 7:17 p.m.47 views

Updated xen package fixes security issues

This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...

7.4CVSS1.3AI score0.01058EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/26 12:0 a.m.29 views

SuSE 11.2 Security Update : Xen (SAT Patch Number 7798)

XEN has been updated to 4.1.5 c/s 23509 to fix various bugs and security issues. The following security issues have been fixed : - Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier were not preemptible, which allowed local PV kernels to cause a denial of service via...

7.4CVSS6AI score0.01058EPSS
Exploits0References33
Rows per page
Query Builder