Xen Paging Tables Race Condition (XSA-328)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, X...

SUSE-SU-2020:14521-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling SRBDS aka 'CrossTalk' bsc1172205,XSA-320 - CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets bsc1175534. - CVE-2020-15565: Fixed an issue cach...

Privilege Escalation

xen is vulnerable to privilege escalation. A guest OS user is able to gain privileges or crash the host OS due to non-atomic modification of a live EPT PTE...

openSUSE Security Update : xen (openSUSE-2020-985)

This update for xen fixes the following issues : - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

openSUSE: Security Advisory for xen (openSUSE-SU-2020:0985-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....

Fedora 32 : xen (2020-fbc13516af)

incorrect error handling in event channel port allocation leads to DoS XSA-317, CVE-2020-15566 1854465 inverted code paths in x86 dirty VRAM tracking leads to DoS XSA-319, CVE-2020-15563 1854463 xen: insufficient cache write-back under VT-d leads to DoS XSA-321, CVE-2020-15565 1854467 missing...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1902-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1889-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1886-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15567: Fixed non-atomic modification of live EPT PTE bsc1173380. Note that Tenable...

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

Design/Logic Flaw

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...