Lucene search
K

22 matches found

Ubuntu
Ubuntu
added 2026/03/04 4:13 p.m.8 views

USN-8073-1: QEMU vulnerabilities

It was discovered that the UHCI controller implementation of QEMU could be brought into an invalid state. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2024-8354 It was discovered that QEMU incorrectly handled memory durin...

7.5CVSS6.2AI score0.00783EPSS
Exploits0
OSV
OSV
added 2026/02/18 9:16 p.m.3 views

UBUNTU-CVE-2026-0665

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References4
OSV
OSV
added 2026/02/13 1:15 p.m.8 views

OESA-2026-1352 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: An "off by one" bug has been discovered in QEMU's KVM Xen guest support. A malicious client could exploit this vulnerability to trigger an out-of-bounds heap access in the QEMU process vi...

6.5CVSS5.3AI score0.00143EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002354 advisory. Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits...

6.5CVSS7AI score0.00413EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003178)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003178 advisory. The switchto function in arch/x86/kernel/process64.c in the Linux kernel does not properly context- switch IOPL on 64-bit PV Xen guests, which allows local guest OS...

7.8CVSS7.3AI score0.00513EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-7033

Malware in sbrugna...

3.3CVSS8.5AI score0.00849EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-34327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensio...

10CVSS6.8AI score0.02501EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/05 4:34 p.m.3 views

CVE-2023-34327 x86/AMD: Debug Mask handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

6.8AI score0.00256EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.3 views

SUSE CVE-2017-8904

Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...

8.8CVSS9.5AI score0.00421EPSS
Exploits0References4
OSV
OSV
added 2022/07/29 2:15 p.m.9 views

CVE-2022-36123

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges...

7.8CVSS7.4AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/08/14 12:0 a.m.59 views

Debian DSA-4497-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed. If a PCI physical function is passed through to a Xen guest, th...

9.3CVSS7.4AI score0.05111EPSS
Exploits7References37
OSV
OSV
added 2017/08/24 2:29 p.m.2 views

UBUNTU-CVE-2017-12137

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to mapgrantref...

8.8CVSS7.3AI score0.00437EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.38 views

openSUSE Security Update : xen-201107 (openSUSE-SU-2011:0941-1)

Security / Collective Update for Xen Xen : - bnc702025 - VUL-0: xen: VT-d PCI passthrough MSI trap injection CVE-2011-1898 - bnc703924 - update block-npiv scripts to support BFA HBA - bnc689954 - L3: Live migrations fail when guest crashes: domaincrashsync called from entry.S - bnc693472 - Bridge...

7.4CVSS7.7AI score0.00852EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.30 views

RHEL 6 : kernel (RHSA-2011:1106)

Updated kernel packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.0 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring...

5.7CVSS6.9AI score0.01003EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2012/04/17 12:0 a.m.46 views

1

2.6.18-308.4.1.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus Zhenzhon...

5CVSS0.1AI score0.03615EPSS
Exploits2
NVD
NVD
added 2010/10/08 9:0 p.m.19 views

CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...

4.9CVSS7.3AI score0.00346EPSS
Exploits1References8
OSV
OSV
added 2010/10/08 9:0 p.m.1 views

DEBIAN-CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...

4.9CVSS5.8AI score0.00346EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2010/10/08 9:0 p.m.36 views

CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...

4.9CVSS6.3AI score0.00346EPSS
Exploits1References1
Cvelist
Cvelist
added 2010/10/08 8:0 p.m.26 views

CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...

7.3AI score0.00346EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2010/10/08 8:0 p.m.71 views

CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...

4.9CVSS1.9AI score0.00346EPSS
Exploits1
Rows per page
Query Builder