32 matches found
Astra Linux – Vulnerability in Linux 5.10
The Linux kernel before version 5.18.13 lacked a clear mechanism for handling the block start symbol .bss. This allowed Xen PV guest OS users to cause a denial of service or gain privileges...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003273)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003273 advisory. The switchto function in arch/x86/kernel/process64.c in the Linux kernel does not properly context- switch IOPL on 64-bit PV Xen guests, which allows local guest OS...
Linux Distros Unpatched Vulnerability : CVE-2020-15852
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port...
[SECURITY] [DSA 5594-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5594-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 02, 2024 https://www.debian.org/security/faq -...
MGASA-2023-0331 Updated kernel-linus packages fix security vulnerabilities
This kernel update is based on upstream 6.5.11 and fixes or adds mitigations for at least the following security issues: A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue ma...
MGASA-2023-0328 Updated kernel packages fix security vulnerabilities and other bugs
This kernel update is based on upstream 6.5.11 and fixes or adds mitigations for at least the following security issues: A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue ma...
SUSE CVE-2021-28689
x86: Speculative vulnerabilities with bare non-shim 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to...
AZL-10451 CVE-2022-36123 affecting package kernel for versions less than 5.15.67.1-4
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges...
PT-2022-3912 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.18.13 Description: The issue is related to the clear bss function in the Linux kernel, which is associated with errors in clearing the initial symbol of the block .bss. This can allow an attacker to cause a...
[SECURITY] [DLA 2940-1] linux security update
Debian LTS Advisory DLA-2940-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 09, 2022 https://wiki.debian.org/LTS Package : linux Version : 4.9.303-1 CVE ID : CVE-2021-3640 CVE-2021-3752 CVE-2021-4002 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-28711...
UBUNTU-CVE-2021-28696
IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...
SUSE SLES12 Security Update : libvirt (SUSE-SU-2018:2631-2) (Spectre)
This update for libvirt fixes the following issues : This new feature was added : bsc1094325, bsc1094725: libxl: Enable virsh blockresize for XEN guests This security issue was fixed: CVE-2017-5715: Additional fixes for the Spectre patches bsc1079869 The update package also includes non-security...
SUSE SLES12 Security Update : libvirt (SUSE-SU-2018:2631-1) (Spectre)
This update for libvirt fixes the following issues : This new feature was added : bsc1094325, bsc1094725: libxl: Enable virsh blockresize for XEN guests This security issue was fixed: CVE-2017-5715: Additional fixes for the Spectre patches bsc1079869 The update package also includes non-security...
SUSE-SU-2018:2631-1 Security update for libvirt
This update for libvirt fixes the following issues: This new feature was added: - bsc1094325, bsc1094725: libxl: Enable virsh blockresize for XEN guests This security issue was fixed: - CVE-2017-5715: Additional fixes for the Spectre patches bsc1079869 These non-security issues were fixed: -...
Security update for libvirt (moderate)
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka "Memory Disambiguation" bsc1092885. Bug fixes: - bsc1094325: Enable virsh blockresize for XEN guests...
SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:2304-1) (Spectre)
This update for libvirt fixes the following issues: Security issue fixed : - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka 'Memory Disambiguation' bsc1092885. Bug fixes : - bsc1094325: Enable virsh blockresize for XEN guests...
openSUSE Security Update : libvirt (openSUSE-2018-860) (Spectre)
This update for libvirt fixes the following issues : Security issue fixed : - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka 'Memory Disambiguation' bsc1092885. Bug fixes : - bsc1094325: Enable virsh blockresize for XEN guests...
USN-2997-1: Linux kernel (OMAP4) vulnerabilities
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2996-1)
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2969-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2969-1 advisory. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. A...