19 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-33746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing ma...
OracleVM 3.4 : xen (OVMSA-2022-0029)
The remote OracleVM system is missing necessary patches to address security updates: - P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without...
SUSE: Security Advisory (SUSE-SU-2022:4241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4051-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2022:4007-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4007-1 advisory. - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-3374...
SUSE: Security Advisory (SUSE-SU-2022:3971-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : xen (SUSE-SU-2022:3928-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3928-1 advisory. - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking...
SUSE-SU-2022:3928-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2021-28689: Fixed speculative vulnerabilities with bare non-shim 32-bit PV guests bsc1185104. -...
SUSE-SU-2022:3925-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2021-28689: Fixed speculative vulnerabilities with bare non-shim 32-bit PV guests bsc1185104. -...
[SECURITY] [DSA 5272-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5272-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 06, 2022 https://www.debian.org/security/faq -...
SUSE: Security Advisory (SUSE-SU-2022:3728-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:3727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3728-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend bsc1200762. - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero...
SUSE: Security Advisory (SUSE-SU-2022:3665-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3665-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions...
CVE-2022-33746
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing...
CVE-2022-33746
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing...
CVE-2022-33746
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing...
CVE-2022-33746
CVE-2022-33746 is a Xen hypervisor issue where the P2M pool backing second-level address translation for guests can become very large, causing freeing to take longer than expected due to lack of preemption checks. The vulnerability is discussed in multiple connected advisories across distribution...