
26 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

Guests running on Arm can cause Denial of Service (DoS) attacks on Dom0 through PV devices. When mapping memory pages of guests on Arm, Dom0 uses an rbtree to keep track of the foreign mappings. The update of this rbtree does not always occur completely with the relevant lock held, resulting in a...

CVSS 4.7, AI score 6.5, EPSS 0.00309
Exploits: 0, References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux

An issue was discovered in the Linux kernel through version 5.10.1, as used with Xen up to version 4.14.x. The Linux kernel’s PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when the thread is stopped. However, the handler may not have enough time to execute if the...

CVSS 8.8, AI score 6.6, EPSS 0.00388
Exploits: 0, References: 2
Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001341 advisory. An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to...

CVSS 8.8, AI score 6.4, EPSS 0.00388
Exploits: 0, References: 4
Tenable Nessus
added 2026/01/16 12:0 a.m., 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004077)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004077 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the...

CVSS 4.7, AI score 6.5, EPSS 0.00265
Exploits: 0, References: 13
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2020-21931

Malware in sbrugna...

CVSS 8.8, AI score 6.3, EPSS 0.00388
Exploits: 0, References: 11
Tenable Nessus
added 2025/10/07 12:0 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414401 advisory. Arm guests can cause Dom0 DoS via PV devices. When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...

CVSS 4.7, AI score 6.6, EPSS 0.00309
Exploits: 0, References: 3
SUSE CVE
added 2023/02/15 3:51 a.m., 8 views

SUSE CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

CVSS 8.8, AI score 6, EPSS 0.00388
Exploits: 0, References: 32
Xen Project
added 2021/06/08 5:0 p.m., 71 views

Guest triggered use-after-free in Linux xen-netback

ISSUE DESCRIPTION: A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux...

CVSS 7.8, AI score 2.2, EPSS 0.00361
Exploits: 0
Tenable Nessus
added 2021/04/14 12:0 a.m., 54 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9038)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9038 advisory. - netfilter: add and use nf_hook_slow_list Florian Westphal Orabug: 32372530 CVE-2021-20177 - target: fix XCOPY NAA identifier lookup David Disseldorp...

CVSS 8.8, AI score 7, EPSS 0.06563
Exploits: 1, References: 7
OSV
added 2021/03/05 6:15 p.m., 3 views

DEBIAN-CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

CVSS 6.5, AI score 6.4, EPSS 0.00424
Exploits: 0, References: 1
Tenable Nessus
added 2021/01/13 12:0 a.m., 107 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9007)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9007 advisory. - xen-blkback: set ring->xenblkd to NULL after kthread_stop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbus_backend: Disallow...

CVSS 8.8, AI score 7.3, EPSS 0.06692
Exploits: 8, References: 7
Tenable Nessus
added 2021/01/06 12:0 a.m., 56 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4680-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4680-1 advisory. It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local...

CVSS 8.2, AI score 7.2, EPSS 0.06692
Exploits: 10, References: 10
Tenable Nessus
added 2021/01/06 12:0 a.m., 61 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4679-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4679-1 advisory. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose...

CVSS 7.2, AI score 6.8, EPSS 0.01026
Exploits: 4, References: 7
OSV
added 2020/12/15 5:15 p.m., 1 views

UBUNTU-CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

CVSS 8.8, AI score 6.7, EPSS 0.00388
Exploits: 0, References: 7
Cvelist
added 2020/12/15 5:0 p.m., 20 views

CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

AI score 8.5, EPSS 0.00388
Exploits: 0, References: 6
AlpineLinux
added 2020/12/15 5:0 p.m., 47 views

CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

CVSS 8.8, AI score 8.6, EPSS 0.00388
Exploits: 0
Xen Project
added 2020/12/15 12:0 p.m., 96 views

Use after free triggered by block frontend in Linux blkback

ISSUE DESCRIPTION: The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use ...

CVSS 8.8, AI score 0.6, EPSS 0.00388
Exploits: 0
UbuntuCve
added 2020/12/15 12:0 a.m., 46 views

CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

CVSS 8.8, AI score 6.7, EPSS 0.00388
Exploits: 0, References: 6
Microsoft CVE
added 2020/11/04 8:0 a.m., 3 views

An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device aka CID-073d0552ead5.

...

CVSS 4.7, AI score 8.4, EPSS 0.00265
Exploits: 0
NVD
added 2020/10/22 9:15 p.m., 16 views

CVE-2020-27675

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...

CVSS 4.7, EPSS 0.00265
Exploits: 0, References: 10