UBUNTU-CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

Astra Linux - уязвимость в linux

A issue was discovered in the Linux kernel versions 3.11 through 5.10.16, as used by Xen. When serving requests to the PV backend, the driver maps grant references provided by the frontend. During this process, errors may occur. In one case, an error encountered earlier might be discarded by late...

Astra Linux - уязвимость в linux

A issue was discovered in the Linux kernel through version 5.10.1, as used with Xen up to version 4.14.x. The Linux kernel’s PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when the thread is stopped. However, the handler may not have enough time to execute if the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001530 advisory. An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by...

EUVD-2013-2105

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414666 advisory. An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414645 advisory. An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by...

Linux Distros Unpatched Vulnerability : CVE-2021-26930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provid...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.326.6.el7 - Revert 'md/raid5: Wait for MDSBCHANGEPENDING in raid5d' Junxiao Bi Orabug: 35914789 - md: bypass block throttle for superblock update Junxiao Bi Orabug: 35914789 5.4.17-2136.326.5.el7 - Revert 'tracing: Increase trace array ref count on enable and filter files' Sherry Yang...

K48726314: Linux kernel vulnerability CVE-2013-2140

Security Advisory Description The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports th...

SUSE CVE-2010-3699

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to 1...

SUSE CVE-2010-4238

The vbdcreate function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5 is used, allows guest OS users to cause a denial of service host OS panic via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained fr...

SUSE CVE-2010-4247

The doblockioop function in 1 drivers/xen/blkback/blkback.c and 2 drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service infinite loop and CPU consumption via a large production request index to...

SUSE CVE-2017-10911

The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS or other guest OS kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structure...

Unbreakable Enterprise kernel security update

4.14.35-2047.506.8 - A/A Bonding: devhold/put the delayed GARP work handler's netdev in rdmaip Sharath Srinivasan Orabug: 33187189 - rds/ib: quarantine STALE mr before dereg Manjunath Patil Orabug: 33187192 - rds/ib: avoid dereg of mr in frwrclean Manjunath Patil Orabug: 33187195 - rds/ib: update...

Unbreakable Enterprise kernel security update

4.14.35-2047.503.1 - bpf, x86: Validate computation of branch displacements for x86-64 Piotr Krysiuk Orabug: 32759961 CVE-2021-29154 - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. Somasundaram Krishnasamy Orabug: 32781585 - ext4: handle error of ext4setupsystemzone on remount J...

Linux: blkback driver may leak persistent grants

ISSUE DESCRIPTION The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup...

Debian DLA-2586-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-19318, CVE-2019-19813, CVE-2019-19816 'Team bobfuzzer' reported bugs in Btrfs that could lead to a use-after-free or heap buffer overflow, and...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9085)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9085 advisory. - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: dont 'handle' error by BUG Jan Beulich...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.500.10.el7 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492110 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 -...