Lucene search
K

15 matches found

OSV
OSV
added 2026/04/03 4:16 p.m.4 views

UBUNTU-CVE-2026-23429

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommusvaunbinddevice domain-mm-iommumm can be freed by iommudomainfree: iommudomainfree mmdrop mmdrop mmpasiddrop After iommudomainfree returns, accessing domain-mm-iommumm may dereference a freed mm...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/11/07 7:58 p.m.4 views

CVE-2025-58149

A flaw was found in Xen. When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access to any 64bit memory BAR when such device is no longer assigned to the domain. A buggy or...

7.5CVSS6.2AI score0.00396EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/31 12:30 p.m.5 views

EUVD-2025-37346

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS6.2AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2025/10/31 12:15 p.m.5 views

ALPINE-CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS6.8AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/10/31 11:50 a.m.31 views

CVE-2025-58149

CVE-2025-58149 affects the Xen hypervisor. The detach logic for PCI devices fails to remove access permissions to 64‑bit memory BARs when a device is unplugged, allowing PV guests to access memory of devices no longer assigned to them (HVM implications noted with required compromised device model...

7.5CVSS6.4AI score0.00396EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/31 11:50 a.m.2 views

CVE-2025-58149 Incorrect removal of permissions on PCI device unplug

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

6.4AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/31 11:50 a.m.8 views

CVE-2025-58149 Incorrect removal of permissions on PCI device unplug

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/04 3:16 p.m.5 views

CVE-2022-50482 iommu/vt-d: Clean up si_domain in the init_dmars() error path

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was seen with a kernel prior to commit ee2653bbe89d "iommu/vt-d: Remove domain and devinfo mempool" when there was a failure in initdmars,...

0.0015EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/08/16 5:29 a.m.8 views

CVE-2025-5941

Netskope is notified about a potential gap in its agent NS Client in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful...

2CVSS6.6AI score0.00105EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 4:34 a.m.5 views

CVE-2025-5941 Out-of-Bounds Read Vulnerability in Netskope Client

Netskope is notified about a potential gap in its agent NS Client in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful...

2CVSS6.5AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 10:7 a.m.5 views

gssntlmssp: memory leak when parsing usernames

A flaw was found in GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication. A memory leak can be triggered when parsing usernames, triggering a denial of service. The domain portion of a username may be overridden, causing an allocated memory area the size of th...

7.5CVSS5.6AI score0.01103EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.1 views

PT-2023-20164 · Unknown +3 · Gss-Ntlmssp +3

Name of the Vulnerable Software and Affected Versions: GSS-NTLMSSP versions prior to 1.2.0 Description: GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. A memory leak can be triggered when parsing usernames, potentially causing a denial-of-service. The...

8.2CVSS7.5AI score0.01942EPSS
Exploits0References44
ATTACKERKB
ATTACKERKB
added 2021/06/30 11:15 a.m.5 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5CVSS5.3AI score0.00321EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2017/03/03 12:0 a.m.8 views

PVS 7.13: XenServer PVS-Accelerator Cache Storage Considerations

Note: This feature is only available in XenServer 7.1 and PVS 7.13 or later. PVS-Accelerator provides two cache modes: Memory only , in the Control Domain Dom0 Memory. When selecting Memory only, the feature will use up to the specified cache size in the Dom0 memory. This option is only available...

6.7AI score
Exploits0
Citrix
Citrix
added 2017/03/03 12:0 a.m.9 views

How to change control domain memory using XenCenter in XenServer 7.1 and higher?

This article describes the method to change the amount of memory allocated to the Control Domain using XenCenter...

7.1AI score
Exploits0
Rows per page
Query Builder