5 matches found
Xen Management Tool DoS (XSA-323)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to a bad path name limit in oxenstored. A malicious guest administrator can exploit this, by creating paths in the guest's own namespace that are too...
Fedora 32 : xen (2020-df772b417b)
xenstore watch notifications lacking permission checks XSA-115, CVE-2020-29480 1908091 Xenstore: new domains inheriting existing node permissions XSA-322, CVE-2020-29481 1908095 Xenstore: wrong path length check XSA-323, CVE-2020-29482 1908096 Xenstore: guests can crash xenstored via watchs...
Fedora: Security Advisory for xen (FEDORA-2020-64859a826b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-29482
creationtimestamp| type| source ---|---|--- 2020-12-15 20:46:45+00:00| seen| https://t.me/cibsecurity/20865...
CVE-2020-29482
CVE-2020-29482 affects Xen up to 4.14.x via oxenstored. A guest can create xenstore paths in its own namespace that exceed the pathname limit, because management tools must use absolute paths and oxenstored enforces a limit on the client-specified path. This can cause some management tools and de...