6 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-17341
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability ra...
SUSE SLES11 Security Update : xen (SUSE-SU-2019:14199-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14199-1 advisory. - The ahcicommitbuf function in ide/ahci.c in QEMU allows attackers to cause a denial of service NULL dereference when the command header...
SUSE: Security Advisory (SUSE-SU-2019:2753-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:0388-1)
This update for xen fixes the following issues : CVE-2018-12207: Fixed a race condition where untrusted virtual machines could have been using the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional bsc1155945...
CVE-2019-17341
CVE-2019-17341 : Affected software is Xen up to 4.11.x. The issue is a page-writability race condition during the addition of a passed-through PCI device, exploitable by x86 PV guest OS users. The documented impact is denial of service or privilege escalation on the host, triggered by this race w...
Xen Project Pass-through PCI Device Guest-to-Host Privilege Escalation (XSA-285)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by guest-to-host privilege escalation vulnerability. Only x86 systems are affected. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check...