24 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000732)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000732 advisory. The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG...
SUSE CVE-2023-53789
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414632 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...
Linux Distros Unpatched Vulnerability : CVE-2021-28039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0...
SUSE CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service disk consumption by leveraging a system with access to a...
SUSE CVE-2016-4963
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service management tool confusion by manipulating information in the backend directories in xenstore...
USN-5377-1 linux-bluefield vulnerabilities
It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen Noyau Linux has a security vulnerability...
CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
CVE-2021-28039
CVE-2021-28039 affects the Linux kernel 5.9.x–5.11.3 (used with Xen). In some configurations, an x86 PV guest OS user can crash the Dom0 or a driver domain by generating a large amount of I/O. Root cause is the misuse of guest physical addresses when CONFIG_XEN_UNPOPULATED_ALLOC is set but CONFIG...
xen-tools -- xenstore denial of service via repeated update
The Xen Project reports: Unprivileged guests may be able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service DoS of the entire host...
Fedora 24 : xen (2016-389be30b95)
fix for CVE-2016-2858 doesn't build with qemu-xen enabled Unsanitised guest input in libxl device handling code XSA-175, CVE-2016-4962 1342132 Unsanitised driver domain input in libxl device handling XSA-178, CVE-2016-4963 1342131 arm: Host crash caused by VMID exhaust XSA-181 1342530 Qemu:...
DEBIAN-CVE-2016-5242
The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...
UBUNTU-CVE-2016-5242
The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...
UBUNTU-CVE-2016-4963
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service management tool confusion by manipulating information in the backend directories in xenstore...
Null pointer dereference
The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...