198 matches found
SUSE CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...
virtio-win bug fix and enhancement update
An update is available for virtio-win. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virtio-win package provides paravirtualized network drivers for most...
virtio-win bug fix and enhancement update
An update is available for virtio-win. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virtio-win package provides paravirtualized network drivers for most...
Vulnerability fixed in Xen
A vulnerability has been fixed in Xen. The vulnerability allows a malicious party to cause a denial-of-service. Within Shadow Mode, a TLB flush is performed incorrectly potentially causing the host system to run out of memory memory. Only x86 PV guest systems can trigger this vulnerability trigge...
ALPINE-CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...
CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...
UBUNTU-CVE-2022-33745
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...
PT-2022-7531 · Xen +2 · Xen +2
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to insufficient checking of input data in the Shadow Mode component of the Xen hypervisor, which can allow an attacker to elevate their privileges. The problem is...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen, whic...
PT-2022-5558 · Linux +5 · Linux +5
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Xen affected versions not specified Description: The issue is related to errors in resource release and a potential Denial of Service DoS in dom0 caused by Arm guests via PV devices. When mapping pages of...
ALPINE-CVE-2022-26364
x86 pv: Insufficient care with non-coherent mappings This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to...
Linux 竞争条件问题漏洞
Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...
Linux 竞争条件问题漏洞
Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...
virtio-win bug fix and enhancement update
An update is available for virtio-win. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virtio-win package provides paravirtualized network drivers for most...
Xen 命令注入漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A command injection vulnerability exists ...
virtio-win bug fix and enhancement update
An update is available for virtio-win. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virtio-win package provides paravirtualized network drivers for most...
DEBIAN-CVE-2021-28689
x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...
DEBIAN-CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
Linux: special config may crash when trying to map foreign pages
ISSUE DESCRIPTION With CONFIGXENBALLOONMEMORYHOTPLUG disabled and CONFIGXENUNPOPULATEDALLOC enabled the Linux kernel will use guest physical addresses allocated via the ZONEDEVICE functionality for mapping foreign guest's pages. This will result in problems, as the p2m list will only cover the...
An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device aka CID-073d0552ead5.
...