Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-19583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service guest OS crash because VMX VMEntry checks mishand...

7.5CVSS6.7AI score0.02155EPSS
Exploits0References2
NVD
NVD
added 2021/01/26 8:15 p.m.22 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS5.7AI score0.00417EPSS
Exploits0References4
Prion
Prion
added 2021/01/26 8:15 p.m.25 views

Code injection

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

4.9CVSS5.5AI score0.00417EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2021/01/26 7:58 p.m.113 views

CVE-2021-3308

CVE-2021-3308 affects the Xen hypervisor (notably Xen 4.12.3–4.12.4 and 4.13.1–4.14.x). An x86 HVM guest with PCI passthrough can reboot with MSI/MSI-X enabled to exhaust all IDT vectors, leaking MSI(-X) entries and causing a DoS for PCI devices across guests or the host. The issue is triggered b...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/01/26 7:58 p.m.32 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS5.9AI score0.00417EPSS
Exploits0
Cvelist
Cvelist
added 2019/12/04 9:3 p.m.30 views

CVE-2019-19579

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...

8.2AI score0.00451EPSS
Exploits0References8
Cvelist
Cvelist
added 2019/10/31 1:38 p.m.33 views

CVE-2019-18424

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...

8.2AI score0.00497EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2019/10/31 1:36 p.m.24 views

CVE-2019-18423

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEMaddtophysmap hypercall. p2m-maxmappedgfn is used by the functions p2mresolvetranslationfault and p2mgetentry to sanity check guest physical frame. The rest of the code in the two...

8.8CVSS1.3AI score0.02059EPSS
Exploits0
Rows per page
Query Builder