15 matches found
CVE-2026-23556
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota...
CVE-2026-23556
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota...
EUVD-2026-42600
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota...
EUVD-2015-8223
Malware in sbrugna...
CVE-2025-38594
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...
CVE-2025-38594 iommu/vt-d: Fix UAF on sva unbind with pending IOPFs
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...
CVE-2025-38594
CVE-2025-38594 pertains to the Linux kernel (iommu/vt-d) and fixes a use-after-free (UAF) in sva unbind with pending IOPFs. The root cause was a wrong removal of a device from the IOMMU IOPF queue when the last IOPF-capable domain detaches, occurring before intel_pasid_tear_down_entry() completed...
SUSE CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
DEBIAN-CVE-2022-26356
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...
CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
DEBIAN-CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
Design/Logic Flaw
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
UBUNTU-CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
CVE-2015-8339
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...
xen-kernel -- leak of main per-domain vcpu pointer array
The Xen Project reports: A domain's primary array of vcpu pointers can be allocated by a toolstack exactly once in the lifetime of a domain via the XENDOMCTLmaxvcpus hypercall. This array is leaked on domain teardown. This memory leak could -- over time -- exhaust the host's memory. A domain give...