662 matches found
CVE-2022-23037
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23036
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
UBUNTU-CVE-2022-23037
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23042
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23039
Linux PV device frontends (blkfront, netfront, scsifront, gntalloc, xenbus) are vulnerable to race conditions in grant-reference handling that can allow a backend to retain access to guest memory after grant removal or reuse, potentially causing data leakage, data corruption, or DoS. The issue sp...
CVE-2022-23038
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23037
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23036
The Connected Astra Linux entries provide concrete details for CVEs 2022-23036 to 2022-23042 and related entries, describing a shared vulnerability class in Linux PV device frontends. Specifically, blkfront, netfront, scsifront, and the gntalloc driver use grant-table interfaces to remove backend...
Linux PV device frontends vulnerable to attacks by backends
ISSUE DESCRIPTION Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious...
CVE-2022-23039
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
[SECURITY] [DLA 2940-1] linux security update
Debian LTS Advisory DLA-2940-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 09, 2022 https://wiki.debian.org/LTS Package : linux Version : 4.9.303-1 CVE ID : CVE-2021-3640 CVE-2021-3752 CVE-2021-4002 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-28711...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:0056-1 Rating: important References: 1139944 1151927 1152489 1153275 1154353 1154355 1161907 1164565 1166780 1169514 1176242 1176447 1176536 1176544 1176545 1176546 1176548 1176558 1176559 1176774...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0477-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0477-1 advisory. - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instruction...
AlmaLinux 8 : sane-backends (ALSA-2021:1744)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1744 advisory. - A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cau...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2022:0056-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0056-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2021-45485: Fixed an information...
CVE-2021-28711
Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...
CVE-2021-28711
Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...
CVE-2021-28711
Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...
CVE-2021-28713
Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...
DEBIAN-CVE-2021-28712
Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...