Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2026:2613-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2613-1 advisory. This update for xen fixes the following issues - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. - CVE-2026-42487:...

8.1CVSS5.9AI score0.00353EPSS
Exploits0References15
OSV
OSV
added 2026/06/24 9:1 a.m.2 views

SUSE-SU-2026:2613-1 Security update for xen

This update for xen fixes the following issues - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abus...

8.1CVSS5.8AI score0.00353EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-42490

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

6.5CVSS0.002EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-42489

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

5.3CVSS0.00078EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 1:47 p.m.7 views

CVE-2026-42489

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

6.5CVSS5.2AI score0.002EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 1:47 p.m.17 views

CVE-2026-42490 domctl lock open to abuse

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

0.002EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/18 1:47 p.m.8 views

EUVD-2026-37889

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

6.5CVSS5.3AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 1:47 p.m.19 views

CVE-2026-42490

CVE-2026-42490 : The supplied documents describe a vulnerability in Xen domctl lock handling. When XSM/Flask is in use, certain domctl operations acquire the system-wide lock before performing permission checks, meaning lock acquisition may occur ahead of authorization. The root cause is a non-fa...

6.5CVSS5.2AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 1:47 p.m.16 views

CVE-2026-42489 domctl lock open to abuse

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

0.00078EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/18 1:47 p.m.10 views

CVE-2026-42490

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

6.5CVSS5.3AI score0.002EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.13 views

Fedora 44 : xen (2026-24b84f97af)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-24b84f97af advisory. x86 HVM I/O port list traversal XSA-491, CVE-2026-42487 domctl lock open to abuse XSA-492, CVE-2026-42489, CVE-2026-42490 Arm: Completion of memory...

9.1CVSS6.7AI score0.00474EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.6 views

SUSE SLES15 Security Update : xen (SUSE-SU-2026:2328-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2328-1 advisory. - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. -...

8.1CVSS5.9AI score0.00353EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

SUSE SLES15 Security Update : xen (SUSE-SU-2026:2329-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2329-1 advisory. - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. -...

8.1CVSS5.9AI score0.00353EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Xen: domctl Lock Open to Abuse (XSA-492)

To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is, however, not providi...

6.5CVSS5.8AI score0.002EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/06/11 6:54 a.m.9 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
OSV
OSV
added 2026/06/11 6:54 a.m.4 views

SUSE-SU-2026:2364-1 Security update for xen

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

8.1CVSS5.2AI score0.00353EPSS
Exploits0References8
OSV
OSV
added 2026/06/10 7:39 a.m.7 views

SUSE-SU-2026:2329-1 Security update for xen

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/06/10 7:39 a.m.9 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
OSV
OSV
added 2026/06/10 7:39 a.m.6 views

SUSE-SU-2026:2328-1 Security update for xen

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References8
Xen Project
Xen Project
added 2026/06/09 12:0 p.m.15 views

domctl lock open to abuse

ISSUE DESCRIPTION To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is,...

6.5CVSS5.5AI score0.002EPSS
Exploits0Affected Software1
Rows per page
Query Builder