Astra Linux – Vulnerability in Linux, Linux 5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

Astra Linux – Vulnerability in Linux 5.10, Linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001425 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23039)

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414456 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414633 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

Linux Distros Unpatched Vulnerability : CVE-2022-23041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

Linux Distros Unpatched Vulnerability : CVE-2022-23042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

Linux Distros Unpatched Vulnerability : CVE-2022-23036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

CVE-2022-49689

...

CVE-2022-49689

The CVE entry for CVE-2022-49689 is complemented by concrete details in connected documents. The Linux kernel’s xen-blkfront component is affected by a NULL pointer dereference when a VBD is not fully created and then closed, potentially triggering a kernel panic. The root cause involves NULL var...

CVE-2021-47573

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47573

...

CVE-2021-47573

CVE-2021-47573 is withdrawn/rejected by the CNA. Connected sources (e.g., Red Hat) describe that the Xen blkfront driver in the Linux kernel was vulnerable to attacks via excessive event channels sent by the backend, potentially causing event channel storms. No exploitation details or fixes are p...

kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

SUSE CVE-2022-23037

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

SUSE CVE-2022-23041

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

SUSE CVE-2022-23040

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the blkfront component in the Xen hypervisor allows a attacker to trigger a service failure.

The vulnerability of the blkfront component in the Xen hypervisor is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...