17 matches found
Fedora 36 : xen (2023-04b5338dd0)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-04b5338dd0 advisory. 3 security issues 2180425 x86 shadow plus log-dirty mode use-after-free XSA-427, CVE-2022-42332 x86/HVM pinned cache attributes mis-handling XSA-428...
SUSE: Security Advisory (SUSE-SU-2023:0847-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0862-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0858-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5378-1 : xen - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5378 advisory. - IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. CVE-2022-23824 -...
Fedora 38 : xen (2023-703f133eb3)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-703f133eb3 advisory. 3 security issues 2180425 x86 shadow plus log-dirty mode use-after-free XSA-427, CVE-2022-42332 x86/HVM pinned cache attributes mis-handling XSA-428...
Fedora 37 : xen (2023-da8315e641)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-da8315e641 advisory. 3 security issues 2180425 x86 shadow plus log-dirty mode use-after-free XSA-427, CVE-2022-42332 x86/HVM pinned cache attributes mis-handling XSA-428...
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2023:0847-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0847-1 advisory. - CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode bsc1209017. - CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:0848-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0848-1 advisory. - CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode bsc1209017. -...
ALPINE-CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
Design/Logic Flaw
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
Design/Logic Flaw
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
SUSE-SU-2023:0847-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode bsc1209017. - CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mis-handling bsc1209018. - CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
CVE-2022-42334 concerns the Xen hypervisor: a mis-handling in the HVM cache attributes interface used to override defaults for passed‑through devices. The root cause described across connected sources is unbounded control region creation and a lack of proper serialization for installation/removal...