Lucene search
K

39 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

Closing an event channel in the Linux kernel can lead to a deadlock. This occurs when the closure operation is performed in parallel with an unrelated Xen console action, and the handling of a Xen console interrupt occurs in a unprivileged guest. The closure of an event channel is triggered, for...

4.9CVSS6.2AI score0.00888EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002785)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002785 advisory. kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's K...

8CVSS7.4AI score0.00773EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-4082

Malware in sbrugna...

5.5CVSS6.9AI score0.00434EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-18276

Malware in sbrugna...

6.5CVSS5.9AI score0.00358EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-21847

Malware in sbrugna...

8.8CVSS8.6AI score0.00304EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-29479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root nod...

8.8CVSS7.6AI score0.00304EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/11/03 1:42 a.m.2 views

SUSE CVE-2023-34324

Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by remova...

5.7CVSS5.9AI score0.00888EPSS
Exploits0References19
Amazon
Amazon
added 2023/11/01 12:0 a.m.39 views

Medium: kernel

Issue Overview: A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. CVE-2023-34324 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before callin...

5.5CVSS6.6AI score0.00888EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning

A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

7.8CVSS6.6AI score0.00323EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11740

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References14
Xen Project
Xen Project
added 2022/11/01 12:0 p.m.74 views

Xenstore: guests can let run xenstored out of memory

ISSUE DESCRIPTION Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service DoS of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the...

6.5CVSS1.6AI score0.00245EPSS
Exploits0Affected Software1
Microsoft CVE
Microsoft CVE
added 2022/09/09 7:0 a.m.3 views

An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.

...

7.8CVSS7.1AI score0.00323EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/07/19 7:0 a.m.4 views

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held resulting in a small race window which can be used by unprivileged guests via PV devices to cause inconsistencies of the rbtree. These inconsistencies can lead to Denial of Service (DoS) of dom0 e.g. by causing crashes or the inability to perform further mappings of other guests' memory pages.

...

4.7CVSS7.1AI score0.00299EPSS
Exploits0
OSV
OSV
added 2022/07/05 1:15 p.m.5 views

UBUNTU-CVE-2022-33744

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged...

4.7CVSS6.7AI score0.00299EPSS
Exploits0References26
Cvelist
Cvelist
added 2022/07/05 12:50 p.m.31 views

CVE-2022-33744

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged...

6.5AI score0.00299EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/07/05 12:50 p.m.49 views

CVE-2022-33744

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged...

4.7CVSS6.9AI score0.00299EPSS
Exploits0
Xen Project
Xen Project
added 2021/12/20 12:0 p.m.64 views

Rogue backends can cause DoS of guests via high frequency events

ISSUE DESCRIPTION Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains". Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn't have the privileges to take over the...

6.5CVSS1.6AI score0.00332EPSS
Exploits0
NVD
NVD
added 2020/12/15 6:15 p.m.16 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS8.7AI score0.00304EPSS
Exploits0References5
OSV
OSV
added 2020/12/15 6:15 p.m.18 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS8.6AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/12/15 6:15 p.m.22 views

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

8.8CVSS7.1AI score0.00304EPSS
Exploits0References3
Rows per page
Query Builder