191 matches found
How to connect to Xenserver/dom0 and SVM on a SDX
Demonstrate how to connect to XenServer/dom0 and SVM on an SDX via CLI & GUI...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42333
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
x86/HVM pinned cache attributes mis-handling
ISSUE DESCRIPTION To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such...
CVE-2022-42333
CVE-2022-42333 and CVE-2022-42334 pertain to Xen Hypervisor issues: (1) CVE-2022-42333 – mis-handling of HVM pinned cache attributes when controlling domains with passed-through devices, where an interface allows overriding defaults; (2) CVE-2022-42334 – unbounded number of controlled regions and...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-33744)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-33744 advisory. - Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to...
SUSE CVE-2018-10472
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...
SUSE CVE-2020-27673
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate of events to dom0, aka CID-e99502f76271...
SUSE CVE-2020-29568
An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...
SUSE CVE-2020-29569
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...
SUSE CVE-2022-42322
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...
Xenstore: Cooperating guests can create arbitrary numbers of nodes (XSA-419)
Xenstore: Two malicious guests working together can create an arbitrary number of Xenstore nodes and drive xenstored into an out of memory situation. This is possible by domain A letting domain B write into domain A local Xenstore tree. Domain B can then create many nodes and reboot. The nodes...
ALPINE-CVE-2022-42322
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...
CVE-2022-42322
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...
CVE-2022-42322
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...
CVE-2022-42322
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...
Design/Logic Flaw
Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...