51 matches found
SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2025:4419-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4419-1 advisory. Update to Xen 4.20.2 jscPED-8907. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI devi...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.20.2 jscPED-8907. Security issues fixed: CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it XSA-476, bsc1252692. Other issues fixed: Failure to...
CVE-2025-58149 Incorrect removal of permissions on PCI device unplug
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...
CVE-2025-58149
CVE-2025-58149 affects the Xen hypervisor. The detach logic for PCI devices fails to remove access permissions to 64‑bit memory BARs when a device is unplugged, allowing PV guests to access memory of devices no longer assigned to them (HVM implications noted with required compromised device model...
EUVD-2017-14629
Malware in sbrugna...
EUVD-2017-14680
Malware in sbrugna...
EUVD-2016-1343
Malware in sbrugna...
CVE-2025-38016 HID: bpf: abort dispatch if device destroyed
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...
CVE-2023-47233
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...
SUSE CVE-2016-10155
Memory leak in hw/watchdog/wdti6300esb.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
Denial Of Service (DoS)
qemu is vulnerable to denial of service DoS. The vulnerability exists Memory leak in hw/audio/es1370.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
Memory Leak
qemu:xenial is vulnerable to Memory leak. Due to a flaw in hw/audio/ac97.c in QEMU aka Quick Emulator, it allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
Denial Of Service (DoS)
qemu-kvm-rhev is vulnerable to denial of service DoS attacks. The vulnerability exists as a memory leak in hw/watchdog/wdti6300esb.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of...
Qemu: serial: host memory leakage 16550A UART emulation
Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
Qemu: serial: host memory leakage 16550A UART emulation
Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
CVE-2016-10155
Memory leak in hw/watchdog/wdti6300esb.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
CVE-2017-5579
Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
CVE-2016-10155
Memory leak in hw/watchdog/wdti6300esb.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
CVE-2017-5525
Memory leak in hw/audio/ac97.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
ALPINE-CVE-2017-5525
Memory leak in hw/audio/ac97.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...