18 matches found
SUSE: Security Advisory (SUSE-SU-2020:3615-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14557-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3611-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Xen INVLPG-like flushes may leave stale TLB entries privilege escalation (XSA-286)
A privilege escalation vulnerability exists in Xen x86 PV guest kernels due to mishandles invalidation of TLB entries An unauthenticated, local attacker x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3742-1)
This update for xen fixes the following issues : bsc1178963 - stack corruption from XSA-346 change XSA-355 bsc1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - CVE-2020-27672: Race condition in Xen mapping code XSA-345 bsc1177413 -...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3615-1)
This update for xen fixes the following issues : bsc1178963 - VUL-0: xen: stack corruption from XSA-346 change XSA-355 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3631-1)
This update for xen fixes the following issues : bsc1178963 - stack corruption from XSA-346 change XSA-355 bsc1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - CVE-2020-27672: Race condition in Xen mapping code XSA-345 bsc1177413 -...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3653-1)
This update for xen fixes the following issues : bsc1178963 - VUL-0: xen: stack corruption from XSA-346 change XSA-355 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3611-1)
This update for xen fixes the following issues : bsc1178963 - VUL-0: xen: stack corruption from XSA-346 change XSA-355 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format...
SUSE-SU-2020:14557-1 Security update for xen
This update for xen fixes the following issues: - bsc1178963 - stack corruption from XSA-346 change XSA-355 - bsc1178935 - CVE-2020-25723: assertion failure through usbpacketunmap in hw/usb/hcd-ehci.c - bsc1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries...
openSUSE Security Update : xen (openSUSE-2020-2192)
This update for xen fixes the following issues : - bsc1178963 - VUL-0: xen: stack corruption from XSA-346 change XSA-355 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 4804-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4804-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 04, 2020 https://www.debian.org/security/faq -...
Fedora: Security Advisory for xen (FEDORA-2020-6dd36a716c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : xen (2020-6dd36a716c)
revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 ---- x86: Race condition in Xen mapping code XSA-345 undue deferral of IOMMU TLB flushes XSA-346 unsafe AMD IOMMU page table updates XSA-347 No...
Fedora 33 : xen (2020-ec84c1565b)
revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 simplify grub scripts patches from Thierry Vignaud some fixes for gcc 11 Note that Tenable Network Security has extracted the preceding...
GLSA-202011-06 : Xen: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202011-06 Xen: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...
Fedora 32 : xen (2020-5398bfb466)
update to xen-4.13.2 ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
CVE-2020-27674
CVE-2020-27674 is a Xen hypervisor local privilege escalation affecting Xen 4.14.x and earlier where x86 PV guests can gain guest OS privileges by modifying kernel memory contents due to mishandled invalidation of TLB entries in an INVLPG-like attack. The issue enables a local attacker to escalat...