Astra Linux - уязвимость в linux-5.10, linux

Guests running on Arm can cause Denial of Service DoS attacks on Dom0 through PV devices. When mapping memory pages of guests on Arm, Dom0 uses an rbtree to keep track of the foreign mappings. The update of this rbtree does not always occur completely with the relevant lock held, resulting in a...

Astra Linux - уязвимость в linux

A issue was discovered in the Linux kernel through version 5.10.1, as used with Xen up to version 4.14.x. The Linux kernel’s PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when the thread is stopped. However, the handler may not have enough time to execute if the...

Multiple RBAC issues in XAPI

ISSUE DESCRIPTION XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.htmlrbac-roles The pool-admin role is fully privileged. Notably, users with this role can als...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001429)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001429 advisory. An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004077)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004077 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001341 advisory. An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001357 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001700 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...

CVE-2009-4011

dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console...

EUVD-2018-2544

Malware in sbrugna...

EUVD-2020-21931

Malware in sbrugna...

EUVD-2009-3982

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414401 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414667 advisory. An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are...

EUVD-2022-36783

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-11743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOPmapgrant. Grant table...

Linux Distros Unpatched Vulnerability : CVE-2022-42323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which...

Linux Distros Unpatched Vulnerability : CVE-2018-10472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a...

Linux Distros Unpatched Vulnerability : CVE-2022-33744

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of tha...

CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...