66 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013609 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002892)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002892 advisory. The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001986)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001986 advisory. Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits...
CVE-2022-50761
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string by kasprintf, if bindipitoirqhandler fails, it should be freed, otherwise may lead to a memory leak issue, fix it...
EUVD-2015-7869
Malware in sbrugna...
EUVD-2021-15357
Malware in sbrugna...
UBUNTU-CVE-2025-27466
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
Linux Distros Unpatched Vulnerability : CVE-2021-28708
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
Linux Distros Unpatched Vulnerability : CVE-2021-28704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
Linux Distros Unpatched Vulnerability : CVE-2021-28703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of...
Linux Distros Unpatched Vulnerability : CVE-2017-14431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting,...
Linux Distros Unpatched Vulnerability : CVE-2012-5513
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of...
SUSE CVE-2012-5513
The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service crash or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range...
SUSE CVE-2014-4021
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors...
SUSE CVE-2015-3340
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...
SUSE CVE-2015-6654
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
SUSE CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
SUSE CVE-2015-8338
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...
SUSE CVE-2015-8340
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service deadlock or host crash via unspecified vectors, related to XENMEMexchange error handling...
SUSE CVE-2017-14431
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...