Lucene search
K

28 matches found

Xen Project
Xen Project
added 2025/10/24 12:14 p.m.11 views

Incorrect removal of permissions on PCI device unplug

ISSUE DESCRIPTION When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the...

7.5CVSS6.8AI score0.00396EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-28039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0...

6.5CVSS6.8AI score0.00424EPSS
Exploits0References2
OSV
OSV
added 2024/12/19 12:15 p.m.3 views

ALPINE-CVE-2024-45819

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

5.5CVSS6.7AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.16 views

Xen 安全漏洞

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from th...

5.5CVSS5.9AI score0.00294EPSS
Exploits0References5
OSV
OSV
added 2024/01/05 5:15 p.m.2 views

DEBIAN-CVE-2023-46836

The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown XPTI deliberately left interrupts enabled on two entry...

4.7CVSS4.9AI score0.0025EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/11/17 2:0 a.m.2 views

SUSE CVE-2023-46836

The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown XPTI deliberately left interrupts enabled on two entry...

5.1CVSS6.9AI score0.0025EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.5 views

SUSE CVE-2012-2934

Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service host hang via sequential execution of instructions across a non-canonical boundary, a different...

1.9CVSS6.6AI score0.00459EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.2 views

SUSE CVE-2012-5513

The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service crash or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range...

6.9CVSS6.9AI score0.00406EPSS
Exploits4References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.4 views

SUSE CVE-2017-7995

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the getuser function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL...

3.8CVSS8.8AI score0.00368EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

6.5CVSS7.7AI score0.00424EPSS
Exploits0References4
OSV
OSV
added 2021/03/05 6:15 p.m.3 views

DEBIAN-CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

6.5CVSS6.4AI score0.00424EPSS
Exploits0References1
OSV
OSV
added 2020/10/22 9:15 p.m.2 views

ALPINE-CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS6.9AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/04 12:0 a.m.3 views

Xen PCI Elevation of Privilege Vulnerability

Xen is an open source virtual machine monitor product. A security vulnerability exists in Xen PCI device handling that can be exploited by an attacker to allow a local PV guest to submit special requests that can elevate privileges...

6.9CVSS8.7AI score0.00497EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/04/02 8:50 p.m.123 views

USN-3931-2: Linux kernel (HWE) vulnerabilities

USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirsk...

8.1CVSS6.9AI score0.16523EPSS
Exploits12
OSV
OSV
added 2019/04/02 7:29 p.m.4 views

USN-3931-1 linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2 vulnerabilities

M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service guest VM crash...

8.1CVSS6.9AI score0.16523EPSS
Exploits12References13
Ubuntu
Ubuntu
added 2019/04/02 7:29 p.m.131 views

USN-3931-1: Linux kernel vulnerabilities

M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service guest VM crash...

8.1CVSS6.9AI score0.16523EPSS
Exploits12
Positive Technologies
Positive Technologies
added 2018/06/27 12:0 a.m.8 views

PT-2018-11456 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11 Description: An issue in Xen allows a malicious PV guest to crash the system, leading to a Denial of Service. The vulnerability can be triggered by a guest and is caused by an oversight in safety checks added to...

9.9CVSS6.7AI score0.93838EPSS
Exploits30References183
OSV
OSV
added 2018/02/27 7:29 p.m.2 views

ALPINE-CVE-2018-7540

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service host OS CPU hang via non-preemptable L3/L4 pagetable freeing...

6.5CVSS6.6AI score0.00442EPSS
Exploits0References1
OSV
OSV
added 2017/12/12 11:29 p.m.3 views

ALPINE-CVE-2017-17565

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service host OS crash if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P...

5.6CVSS6.6AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2017/10/18 8:29 a.m.3 views

UBUNTU-CVE-2017-15593

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service memory leak because reference counts are mishandled...

6.5CVSS7.3AI score0.00391EPSS
Exploits0References3
Rows per page
Query Builder