94 matches found
The vulnerabilities of components such as blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls in the Xen hypervisor allow a malicious actor to cause service failures.
The vulnerabilities of the components blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls in the Xen hypervisor are caused by synchronization errors when using a shared resource. Exploiting these vulnerabilities can allow attackers to cause service failures...
GSD-2022-1004928 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.322 by commit...
GSD-2022-1004925 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.322 by commit...
GSD-2022-1004877 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.287 by commit...
GSD-2022-1004872 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.287 by commit...
GSD-2022-1004811 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.251 by commit...
GSD-2022-1004808 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.251 by commit...
GSD-2022-1004722 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.204 by commit...
GSD-2022-1004719 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.204 by commit...
GSD-2022-1004600 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.129 by commit...
GSD-2022-1004596 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.129 by commit...
GSD-2022-1004467 xen-blkfront: Handle NULL gendisk
xen-blkfront: Handle NULL gendisk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit ffa12a326415dfe5fc21e66d9d2b86896b4c9eaf, i...
GSD-2022-1004434 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.53 by commit...
GSD-2022-1004430 xen/blkfront: force data bouncing when backend is untrusted
xen/blkfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.53 by commit...
GSD-2022-1004262 xen-blkfront: Handle NULL gendisk
xen-blkfront: Handle NULL gendisk This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit db403bc872af09360f5c80f83dc3b360f0be49af, it...
GSD-2022-1004220 xen/blkfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.10 by commit...
CVE-2022-23038
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1255-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1255-1 advisory. The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
CVE-2022-23036
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-23040
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...