40 matches found
CVE-2024-45819
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
CVE-2024-45819
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
DEBIAN-CVE-2024-45819
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
CVE-2024-45819 libxl leaks data to PVH guests via ACPI tables
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
CVE-2024-45819 libxl leaks data to PVH guests via ACPI tables
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
CVE-2024-45819
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
CVE-2024-45819
CVE-2024-45819 affects Xen libxl: PVH guests have their ACPI tables constructed by the Xen toolstack in local memory and then copied to guest memory. The vulnerability arises because, although the actually used portions of local memory are populated correctly, any excess allocated space is left w...
SUSE-SU-2024:4116-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. - CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: - Remove usage of net-tools-deprecated from supportconfig...
SUSE CVE-2024-45819
PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...
SUSE-SU-2024:3979-1 Security update for xen
This update for xen fixes the following issues: Security issues fixed: - CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 - CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 Non-security issue fixed: - Xen host hung at boot up with repeated 'X...
Security update for xen
This update for xen fixes the following issues: CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: Remove usage of net-tools-deprecated from supportconfig plugin...
SUSE-SU-2024:3977-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling XSA-463 bsc1232622. - CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables XSA-464 bsc1232624. Bug fixes: - Remove usage of net-tools-deprecated from supportconfig...
libxl leaks data to PVH guests via ACPI tables
ISSUE DESCRIPTION PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is...
x86: shadow stack vs exceptions from emulation stubs
ISSUE DESCRIPTION Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and...
openSUSE 15 Security Update : xen (openSUSE-SU-2021:3968-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3968-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:3888-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3888-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified...
SUSE SLES12 Security Update : xen (SUSE-SU-2021:3851-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3851-1 advisory. - PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which...
CVE-2021-28708
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
CVE-2021-28707
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
CVE-2021-28708
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...