Linux Distros Unpatched Vulnerability : CVE-2022-33748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking...

SUSE CVE-2017-15597

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2022:3727-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3727-1 advisory. - P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests...

CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

DEBIAN-CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

ALPINE-CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

CVE-2022-33748

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be...

CVE-2022-33748

CVE-2022-33748 corresponds to a Xen/XenServer vulnerability where a missing cleanup call on an error path can cause lock order inversion during transitive grant copy handling (XSA-226). This can lead to nested locks acquired in opposite order between two cooperating guests, potentially causing CP...

ALPINE-CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

DEBIAN-CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

UBUNTU-CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

Bad continuation handling in GNTTABOP_copy

ISSUE DESCRIPTION Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 / XSA-226 introduced a path through grant copy handling where success may be returned to the caller without any action taken. In particular the status fields...

ALPINE-CVE-2017-15597

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying...

UBUNTU-CVE-2017-15597

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying...