37 matches found
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel through version 5.11.3, when it was used with Xen PV. A certain part of the netback driver lacks proper handling of errors, such as failed memory allocations as a result of changes to the way errors related to grant mapping are handled. A denial-of-servi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004097)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004097 advisory. An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002731)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002731 advisory. Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002669)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002669 advisory. An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414643 advisory. An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operatio...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-984806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984806 advisory. In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols...
Linux Distros Unpatched Vulnerability : CVE-2021-26932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of...
DEBIAN-CVE-2023-52994
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 "x86/boot: Skip realmode init code when running as Xen PV guest" missed one code path accessing realmodeheader, leading to dereferencing NULL when suspending the system under Xen:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a null pointer dereference that occurs when the system hangs in the Xen PV environment...
DEBIAN-CVE-2021-4440
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...
PT-2024-11037 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the x86/xen paravirt call in the Linux kernel. Specifically, the USERGS SYSRET64 call is used to return from a syscall via SYSRET, but a Xen PV guest wi...
DEBIAN-CVE-2024-26816
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the "startupxen" entry point. This information is used prior to booting th...
UBUNTU-CVE-2024-26816
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the "startupxen" entry point. This information is used prior to booting th...
SUSE CVE-2022-36123
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges...
USN-5706-1: Linux kernel (Azure CVM) vulnerabilities
It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...
USN-5687-1 linux-azure-4.15 vulnerabilities
It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...
USN-5682-1: Linux kernel (AWS) vulnerabilities
It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...
USN-5682-1 linux-aws-5.4 vulnerabilities
It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...
USN-5677-1 linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...
USN-5655-1 linux-intel-iotg vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...