19 matches found
SUSE: Security Advisory (SUSE-SU-2022:4241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4051-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2022:4007-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4007-1 advisory. - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-3374...
SUSE: Security Advisory (SUSE-SU-2022:3971-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : xen (SUSE-SU-2022:3928-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3928-1 advisory. - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking...
SUSE-SU-2022:3928-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2021-28689: Fixed speculative vulnerabilities with bare non-shim 32-bit PV guests bsc1185104. -...
SUSE-SU-2022:3925-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2021-28689: Fixed speculative vulnerabilities with bare non-shim 32-bit PV guests bsc1185104. -...
[SECURITY] [DSA 5272-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5272-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 06, 2022 https://www.debian.org/security/faq -...
SUSE: Security Advisory (SUSE-SU-2022:3728-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:3727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3728-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend bsc1200762. - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero...
SUSE: Security Advisory (SUSE-SU-2022:3665-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3665-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking bsc1203807. - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions...
CVE-2022-33748
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...
CVE-2022-33748
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...
Citrix Hypervisor Security Bulletin for CVE-2022-33748 & CVE-2022-33749
Several security issues have been identified in Citrix Hypervisor 8.2 LTSR CU1. These are: A malicious privileged user in a guest VM working in collaboration with a malicious privileged user in another guest VM can cause the host to crash or become unresponsive. This issue has the following CVE...
CVE-2022-33748
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...
CVE-2022-33748
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...
CVE-2022-33748
CVE-2022-33748 corresponds to a Xen/XenServer vulnerability where a missing cleanup call on an error path can cause lock order inversion during transitive grant copy handling (XSA-226). This can lead to nested locks acquired in opposite order between two cooperating guests, potentially causing CP...