Lucene search
+L

13 matches found

cve
cve
added 2026/07/09 2:48 p.m.33 views

CVE-2026-23556

CVE-2026-23556 affects Xen oxenstored: when tearing down a domain, node data is cleaned but quota usage counts are leaked. On domain ID reuse, a new domain can create fewer nodes before being over quota. Impact is locally exploitable high-severity (CVSS 4.0 base 9.4, HIGH confidentiality, integri...

9.4CVSS5.9AI score0.00137EPSS
Exploits0References3
xen
xen
added 2026/04/28 12:0 p.m.13 views

oxenstored keeps quota related use counts across domain destruction

ISSUE DESCRIPTION When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. IMPACT Over an extended period of time, new domains will b...

9.4CVSS5.2AI score0.00137EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/04/28 12:0 a.m.4 views

PT-2026-35871

Name of the Vulnerable Software and Affected Versions xen affected versions not specified Description Security issues were identified and addressed in the xen-4.21.1 04-1.1 package on the GA media of openSUSE Tumbleweed. Recommendations Update to the xen-4.21.1 04-1.1 package...

5.8AI score0.00158EPSS
Exploits0References14
euvd
euvd
added 2025/10/07 12:30 a.m.2 views

EUVD-2015-7712

Malware in sbrugna...

4.7CVSS8.5AI score0.00279EPSS
Exploits0References11
nessus
nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-29481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when...

8.8CVSS7.8AI score0.00347EPSS
Exploits0References2
susecve
susecve
added 2023/02/15 5:13 a.m.2 views

SUSE CVE-2015-7814

Race condition in the relinquishmemory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service host crash via vectors involving the destruction of a domain and using XENMEMdecreasereservation to reduce the memory of...

4.7CVSS6.1AI score0.00279EPSS
Exploits0References3
susecve
susecve
added 2023/02/15 3:51 a.m.2 views

SUSE CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

6.5CVSS6.3AI score0.00347EPSS
Exploits0References21
osv
osv
added 2020/12/15 6:15 p.m.2 views

ALPINE-CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

8.8CVSS6.3AI score0.00347EPSS
Exploits0References1
osv
osv
added 2020/12/15 6:15 p.m.3 views

DEBIAN-CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

8.8CVSS8.2AI score0.00347EPSS
Exploits0References1
osv
osv
added 2020/12/15 6:15 p.m.3 views

UBUNTU-CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

8.8CVSS7.2AI score0.00347EPSS
Exploits0References3
osv
osv
added 2015/10/30 3:59 p.m.1 views

DEBIAN-CVE-2015-7814

Race condition in the relinquishmemory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service host crash via vectors involving the destruction of a domain and using XENMEMdecreasereservation to reduce the memory of...

4.7CVSS7.8AI score0.00279EPSS
Exploits0References1
osv
osv
added 2015/10/30 3:59 p.m.3 views

UBUNTU-CVE-2015-7814

Race condition in the relinquishmemory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service host crash via vectors involving the destruction of a domain and using XENMEMdecreasereservation to reduce the memory of...

4.7CVSS7.2AI score0.00279EPSS
Exploits0References3
xen
xen
added 2015/10/29 11:59 a.m.56 views

arm: Race between domain destruction and memory allocation decrease

ISSUE DESCRIPTION While freeing the memory associated with a domain during domain destruction Xen could race with a toolstack domain reducing the amount of memory associated with that same domain via the XENMEMdecreasereservation. In the case where this race is hit the host will crash. The race i...

4.7CVSS8.5AI score0.00279EPSS
Exploits0
Rows per page
Query Builder