Lucene search
K

191 matches found

Citrix
Citrix
added 2023/08/16 12:0 a.m.15 views

How to connect to Xenserver/dom0 and SVM on a SDX

Demonstrate how to connect to XenServer/dom0 and SVM on an SDX via CLI & GUI...

7.1AI score
Exploits0
NVD
NVD
added 2023/03/21 1:15 p.m.33 views

CVE-2022-42334

x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...

6.5CVSS7.2AI score0.00267EPSS
Exploits0References7
OSV
OSV
added 2023/03/21 1:15 p.m.36 views

CVE-2022-42334

x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...

6.5CVSS6.6AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2023/03/21 1:15 p.m.25 views

CVE-2022-42333

x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...

8.6CVSS6.9AI score0.01189EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/03/21 1:15 p.m.42 views

CVE-2022-42334

x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...

8.6CVSS7.4AI score0.01189EPSS
Exploits0
Xen Project
Xen Project
added 2023/03/21 12:0 p.m.54 views

x86/HVM pinned cache attributes mis-handling

ISSUE DESCRIPTION To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such...

8.6CVSS6.8AI score0.01189EPSS
Exploits0Affected Software1
CVE
CVE
added 2023/03/21 12:0 a.m.87 views

CVE-2022-42333

CVE-2022-42333 and CVE-2022-42334 pertain to Xen Hypervisor issues: (1) CVE-2022-42333 – mis-handling of HVM pinned cache attributes when controlling domains with passed-through devices, where an interface allows overriding defaults; (2) CVE-2022-42334 – unbounded number of controlled regions and...

8.6CVSS7AI score0.01189EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2023/03/21 12:0 a.m.55 views

CVE-2022-42334

x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...

6.5CVSS6.8AI score0.00267EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.31 views

CBL Mariner 2.0 Security Update: kernel (CVE-2022-33744)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-33744 advisory. - Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to...

4.7CVSS6.6AI score0.00309EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.5 views

SUSE CVE-2018-10472

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...

5.6CVSS6.7AI score0.00373EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-27673

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate of events to dom0, aka CID-e99502f76271...

6.2CVSS6.2AI score0.0041EPSS
Exploits0References39
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

6.5CVSS6.4AI score0.00348EPSS
Exploits0References25
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.8 views

SUSE CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

8.8CVSS6AI score0.00388EPSS
Exploits0References32
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

5.3CVSS5.7AI score0.00277EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.51 views

Xenstore: Cooperating guests can create arbitrary numbers of nodes (XSA-419)

Xenstore: Two malicious guests working together can create an arbitrary number of Xenstore nodes and drive xenstored into an out of memory situation. This is possible by domain A letting domain B write into domain A local Xenstore tree. Domain B can then create many nodes and reboot. The nodes...

5.5CVSS5.8AI score0.00277EPSS
Exploits0References3
OSV
OSV
added 2022/11/01 1:15 p.m.3 views

ALPINE-CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

5.5CVSS6.9AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2022/11/01 1:15 p.m.19 views

CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

5.5CVSS0.00277EPSS
Exploits0References8
OSV
OSV
added 2022/11/01 1:15 p.m.37 views

CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

5.5CVSS2.4AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2022/11/01 1:15 p.m.25 views

CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

5.5CVSS6.1AI score0.00277EPSS
Exploits0References5
Prion
Prion
added 2022/11/01 1:15 p.m.27 views

Design/Logic Flaw

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

1.7CVSS5.5AI score0.00277EPSS
Exploits0References8Affected Software2
Rows per page
Query Builder