Lucene search
K

22 matches found

Xen Project
Xen Project
added 2026/04/28 12:0 p.m.11 views

oxenstored keeps quota related use counts across domain destruction

ISSUE DESCRIPTION When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. IMPACT Over an extended period of time, new domains will b...

9.4CVSS5.2AI score0.00137EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2013-4293

Malware in sbrugna...

5.2CVSS8.5AI score0.0055EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-21847

Malware in sbrugna...

8.8CVSS8.6AI score0.00304EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2020-29485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause...

5.5CVSS5.6AI score0.004EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.3 views

SUSE CVE-2020-29485

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

5.5CVSS6.5AI score0.004EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/04/29 12:0 a.m.31 views

Xen oxenstored Bad Permissions (XSA-353)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a bad permissions issue. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately...

8.8CVSS7.6AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2020/12/15 6:15 p.m.1 views

ALPINE-CVE-2020-29485

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

5.5CVSS6.5AI score0.004EPSS
Exploits0References1
NVD
NVD
added 2020/12/15 6:15 p.m.17 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS8.7AI score0.00304EPSS
Exploits0References5
OSV
OSV
added 2020/12/15 6:15 p.m.1 views

DEBIAN-CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS7.8AI score0.00304EPSS
Exploits0References1
OSV
OSV
added 2020/12/15 6:15 p.m.19 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS8.6AI score
Exploits0References5
Prion
Prion
added 2020/12/15 6:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

7.2CVSS8.5AI score0.00304EPSS
Exploits0References5Affected Software3
Prion
Prion
added 2020/12/15 6:15 p.m.19 views

Information disclosure

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

4.9CVSS5.8AI score0.004EPSS
Exploits0References4Affected Software3
UbuntuCve
UbuntuCve
added 2020/12/15 6:15 p.m.36 views

CVE-2020-29485

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

5.5CVSS6.1AI score0.004EPSS
Exploits0References4
OSV
OSV
added 2020/12/15 6:15 p.m.3 views

UBUNTU-CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS5.8AI score0.00304EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/12/15 6:15 p.m.23 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS7.1AI score0.00304EPSS
Exploits0References3
OSV
OSV
added 2020/12/15 6:15 p.m.2 views

UBUNTU-CVE-2020-29485

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

5.5CVSS6AI score0.004EPSS
Exploits0References5
CVE
CVE
added 2020/12/15 5:26 p.m.76 views

CVE-2020-29485

CVE-2020-29485 concerns Xen 4.6–4.14.x where, on XS_RESET_WATCHES, Xenstored’s tracking information is not fully freed in the Ocaml Xenstored implementation, allowing unbounded memory growth and a system-wide DoS. The vulnerability affects hosts using the Ocaml Xenstored; the C Xenstored implemen...

5.5CVSS6.4AI score0.004EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.7 views

Xen Permission License and Access Control Issues Vulnerability

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen through version 4.14.x suffers from a...

8.8CVSS7.3AI score0.00304EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2013/11/11 12:0 a.m.31 views

Fedora 19 : xen-4.2.3-7.fc19 (2013-20555)

Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

5.2CVSS7.6AI score0.0067EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/11/11 12:0 a.m.30 views

Fedora 18 : xen-4.2.3-7.fc18 (2013-20544)

Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

5.2CVSS7.6AI score0.0067EPSS
Exploits0References5
Rows per page
Query Builder