EUVD-2012-5406

Malware in sbrugna...

CVE-2021-47277

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn an...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:3968-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3968-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified...

OPENSUSE-SU-2021:1543-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:3888-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3888-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2021:3852-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3852-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Region...

SUSE-SU-2021:3852-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...

SUSE-SU-2021:3849-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-28701: Fixed race condition in XENMAPSPACEgranttable handling XSA-384 bsc1189632. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...

SUSE: Security Advisory (SUSE-SU-2021:3813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28707

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28704

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28704

CVE-2021-28704 is a Xen hypervisor PoD-related vulnerability. PoD mode can start x86 HVM/PVH guests with on-demand memory and allow domains to issue P2M hypercalls that operate on page ranges; the base page frame number (PFN) alignment isn’t enforced for certain orders, enabling misalignment in X...

CVE-2021-28704

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

CVE-2021-28707

CVE-2021-28707 is a Xen hypervisor vulnerability affecting PoD (populate-on-demand) memory management for x86 HVM/PVH guests. The issue arises when handling PoD operations that act on page ranges (page orders); the base page frame number is not consistently enforced to be aligned for the requeste...

several hypercalls do not validate input GFNs

ISSUE DESCRIPTION The function getpagefromgfn does not validate its input GFN. An invalid GFN passed to a hypercall which uses this function will cause the hypervisor to read off the end of the frame table and potentially crash. IMPACT A malicious guest administrator of a PV guest can cause Xen t...