Lucene search
K

18 matches found

OSV
OSV
added 2025/11/09 7:52 a.m.64 views

MGASA-2025-0270 Updated xen packages fix security vulnerabilities

Double unlock in x86 guest IRQ handling. CVE-2024-31143 Xapi: Metadata injection attack against backup/restore functionality. CVE-2024-31144 Error handling in x86 IOMMU identity mapping. CVE-2024-31145 PCI device pass-through with shared resources. CVE-2024-31146 x86: Deadlock in vlapicerror...

9.8CVSS6.8AI score0.00723EPSS
Exploits0References25
Debian CVE
Debian CVE
added 2025/07/17 1:59 p.m.10 views

CVE-2025-1713

When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...

7.5CVSS6.3AI score0.00723EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/15 12:0 a.m.17 views

Fedora 40 : xen (2025-20bd6d94b9)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-20bd6d94b9 advisory. deadlock potential with VT-d and legacy PCI device pass-through XSA-467, CVE-2025-1713 Tenable has extracted the preceding description block directly from th...

7.5CVSS7AI score0.00723EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/11 12:0 a.m.19 views

SUSE SLES12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2024:3586-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3586-1 advisory. Security fixes: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460 bsc1228574 - CVE-2024-31146: Fixed PCI...

7.5CVSS6.8AI score0.00544EPSS
Exploits0References11
OSV
OSV
added 2024/10/10 11:29 a.m.19 views

SUSE-SU-2024:3586-1 Security update for xen

This update for xen fixes the following issues: Security fixes: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460 bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461 bsc1228575 - CVE-2024-45817: Fixed Deadlock in vlapicerror XSA-462...

7.5CVSS7.3AI score0.00544EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2024/09/26 12:0 a.m.14 views

openSUSE: Security Advisory for xen (SUSE-SU-2024:3423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.08555EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/25 12:0 a.m.22 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:3423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3423-1 advisory. - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86...

7.5CVSS7AI score0.08555EPSS
Exploits0References16
OSV
OSV
added 2024/09/24 3:25 p.m.13 views

SUSE-SU-2024:3423-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling XSA-458, bsc1227355 - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460,...

7.5CVSS7AI score0.08555EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-ed546e3543)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.00235EPSS
Exploits0References2
OSV
OSV
added 2024/09/03 3:4 p.m.10 views

SUSE-SU-2024:3113-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461, bsc1228575 Other fixes: - Update to Xen 4.18.3 security bug fix release bsc102751...

7.5CVSS7.5AI score0.00235EPSS
Exploits0References6
OSV
OSV
added 2024/09/02 2:41 p.m.14 views

SUSE-SU-2024:3075-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461, bsc1228575 Other fixes: - Update to Xen 4.17.5 security bug fix release bsc102751...

7.5CVSS7.5AI score0.00235EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/08/31 12:0 a.m.29 views

Fedora 40 : xen (2024-91ddad6c8b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-91ddad6c8b advisory. error handling in x86 IOMMU identity mapping XSA-460, CVE-2024-31145 PCI device pass-through with shared resources XSA-461, CVE-2024-31146 Tenable h...

7.5CVSS7.4AI score0.00235EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/08/27 12:0 a.m.30 views

SUSE SLES12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2024:3010-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3010-1 advisory. - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device...

7.5CVSS6.8AI score0.00507EPSS
Exploits0References9
OSV
OSV
added 2024/08/26 9:52 a.m.13 views

SUSE-SU-2024:3010-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461, bsc1228575 Other fixes: - Migrate CVE-2024-31143 patch in favor of upstream versi...

7.5CVSS7.5AI score0.00235EPSS
Exploits0References7
OSV
OSV
added 2024/08/23 8:15 a.m.16 views

SUSE-SU-2024:3001-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461, bsc1228575...

7.5CVSS7.4AI score0.00235EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/08/22 12:0 a.m.18 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:2994-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2994-1 advisory. - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device...

7.5CVSS6.8AI score0.00235EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2021/06/16 12:0 a.m.103 views

Security update for ucode-intel (important)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2021:0876-1 Rating: important References: 1179833 1179836 1179837 1179839 Cross-References: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVSS scores: CVE-2020-24489 SUSE: 8.8...

8.8CVSS6.7AI score0.00472EPSS
Exploits0References4
NVD
NVD
added 2020/12/15 5:15 p.m.16 views

CVE-2020-29567

An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checke...

6.2CVSS6.4AI score0.0036EPSS
Exploits0References3
Rows per page
Query Builder