22 matches found
oxenstored keeps quota related use counts across domain destruction
ISSUE DESCRIPTION When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. IMPACT Over an extended period of time, new domains will b...
EUVD-2013-4293
Malware in sbrugna...
EUVD-2020-21847
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-29485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause...
SUSE CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
Xen oxenstored Bad Permissions (XSA-353)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a bad permissions issue. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately...
ALPINE-CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
CVE-2020-29479
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
DEBIAN-CVE-2020-29479
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
CVE-2020-29479
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
Design/Logic Flaw
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
Information disclosure
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
UBUNTU-CVE-2020-29479
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
CVE-2020-29479
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...
UBUNTU-CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
CVE-2020-29485
CVE-2020-29485 concerns Xen 4.6–4.14.x where, on XS_RESET_WATCHES, Xenstored’s tracking information is not fully freed in the Ocaml Xenstored implementation, allowing unbounded memory growth and a system-wide DoS. The vulnerability affects hosts using the Ocaml Xenstored; the C Xenstored implemen...
Xen Permission License and Access Control Issues Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen through version 4.14.x suffers from a...
Fedora 19 : xen-4.2.3-7.fc19 (2013-20555)
Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 18 : xen-4.2.3-7.fc18 (2013-20544)
Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...