13 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-18424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a...
CVE-2019-18424
creationtimestamp| type| source ---|---|--- 2024-02-01 10:12:01+00:00| seen| https://t.me/ctinow/177439 2024-03-07 14:37:03+00:00| seen| https://t.me/ctinow/202433...
Mageia: Security Advisory (MGASA-2020-0113)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2960-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2962-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3297-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202003-56 : Xen: Multiple vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote host is affected by the vulnerability described in GLSA-202003-56 Xen: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. Impact : A local attacker could potentially gain privileges on the host system...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:0388-1)
This update for xen fixes the following issues : CVE-2018-12207: Fixed a race condition where untrusted virtual machines could have been using the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional bsc1155945...
SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)
This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...
Fedora 31 : xen (2019-376ec5c107)
add missing XSA-299 patches ---- x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 ---- VCPUOPinitialise DoS XSA-296, CVE-2019-18420 missing descriptor table limit checking in x86 PV emulation XSA-298,...
openSUSE Security Update : xen (openSUSE-2019-2508)
This update for xen fixes the following issues : - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...
CVE-2019-18424
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...
CVE-2019-18424
Xen vulnerability CVE-2019-18424 affects the Xen hypervisor (4.12.x) where, when PCI pass-through is used, deassignment of a PCI device from an untrusted domain can allow in-flight DMA to target host memory, risking host-OS privilege escalation. The issue arises because devices reassigned to dom0...