OracleVM 3.4 : xen (OVMSA-2021-0014)

"The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device...

Xen lack of preemption in evtchn_reset() / evtchn_destroy() DoS (XSA-344)

A denial of service DoS vulnerability exists in Xen servers in FIFO event channel modules evtchnreset / evtchndestroy due to a lack of preemption. An authenticated, local attacker can mount a Denial of Service DoS attack affecting the entire system. Note that Nessus has not tested for this issue...

Fedora 31 : xen (2020-d46fe34349)

x86 pv: Crash when handling guest access to MSRMISCENABLE XSA-333, CVE-2020-25602 1881619 Missing unlock in XENMEMacquireresource error path XSA-334, CVE-2020-25598 1881616 race when migrating timers between x86 HVM vCPU-s XSA-336, CVE-2020-25604 1881618 PCI passthrough code reading back hardware...

Denial Of Service (DoS)

xen is vulnerable to denial of service DoS. There is a lack of preemption in evtchnreset / evtchndestroy. In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these when resetting all event channels or when cleaning up...

CVE-2020-25599

An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset by itself covered by XSA-77 can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses ...

CVE-2020-25601

An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchnreset / evtchndestroy. In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these when resetting all event channels or when cleaning...

CVE-2020-25599

CVE-2020-25599 affects Xen up to 4.14.x, with race conditions in evtchn_reset() potentially allowing x86 PV guests to escalate to host privileges, cause host/guest crashes, or DoS. All Xen 4.5+ are vulnerable; 4.4 and earlier are not. Several vendor advisories indicate patches were released to fi...

CVE-2020-25599

An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset by itself covered by XSA-77 can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses ...

CVE-2020-25599

An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset by itself covered by XSA-77 can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses ...