Memory Integrity Loss

amd64-microcode AMD CPU microcode patches is vulnerable to Memory Integrity Loss. The vulnerability is caused due to Improper or Unexpected behavior of the INVD instruction in some AMD CPUs. It can allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU...

AMD CPU Instruction Malpractice Vulnerability

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from an improper instruction vulnerability that stems from the fact that incorrect or unexpected behavior of the INVD instruction would allow an attacker with a malicious hypervisor to affect the cache line write-back behavior of the CPU...

DEBIAN-CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

UBUNTU-CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

AMD CPU 安全漏洞

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from an improper instruction vulnerability that stems from the fact that incorrect or unexpected behavior of the INVD instruction would allow an attacker with a malicious hypervisor to affect the cache line write-back behavior of the CPU...

SUSE CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

kernel: improper initialization of the "flags" member of the new pipe_buffer

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach...

GHSA-656C-6CXF-HVCV Deserialization of Untrusted Data in Flask-Caching

Flask-Cache adds easy cache support to Flask. The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage e.g., filesystem, Memcached, Redis, etc., they...

Denial Of Service (DoS)

Xen is vulnerable to denial of service DoS. It is allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

openSUSE Security Update : xen (openSUSE-2020-985)

This update for xen fixes the following issues : - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

openSUSE: Security Advisory for xen (openSUSE-SU-2020:0985-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....

Fedora 32 : xen (2020-fbc13516af)

incorrect error handling in event channel port allocation leads to DoS XSA-317, CVE-2020-15566 1854465 inverted code paths in x86 dirty VRAM tracking leads to DoS XSA-319, CVE-2020-15563 1854463 xen: insufficient cache write-back under VT-d leads to DoS XSA-321, CVE-2020-15565 1854467 missing...

OPENSUSE-SU-2020:0965-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1902-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1886-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15567: Fixed non-atomic modification of live EPT PTE bsc1173380. Note that Tenable...

SUSE-SU-2020:1889-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

SUSE-SU-2020:1886-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15567: Fixed non-atomic modification of live EPT PTE bsc1173380...

Xen Insufficient Cache Write-Back (XSA-321)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service and potential privilege escalation due to an insufficient cache write-back under VT-d. A malicious guest may be able to retain read/write DMA access to frames returned...

Design/Logic Flaw

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...