18 matches found
EUVD-2017-5821
Malware in sbrugna...
EUVD-2020-4084
Malware in sbrugna...
EUVD-2015-4187
Malware in sbrugna...
RHEL 5 : xsa224_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa224 xen: grant table operations mishandle reference counts XSA-224 CVE-2017-10921 - The grant-table...
Xen Bad error path in GNTTABOP_map_grant DoS (XSA-316)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to return 1...
CVE-2020-11743
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOPmapgrant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to retur...
DEBIAN-CVE-2020-11742
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...
CVE-2020-11742
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...
Path traversal
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...
CVE-2020-11742
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...
CVE-2020-11743
CVE-2020-11743 affects the Xen hypervisor: a bad error path in GNTTABOP_map_grant (misplaced brackets) can make a malicious guest trigger a denial-of-service by causing improper grant-table handling, potentially crashing a Linux dom0 or backend domain. Affected Xen up to 4.13.x; several advisorie...
CVE-2020-11742
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...
Bad continuation handling in GNTTABOP_copy
ISSUE DESCRIPTION Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 / XSA-226 introduced a path through grant copy handling where success may be returned to the caller without any action taken. In particular the status fields...
Null pointer dereference
An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mappin...
CVE-2017-14318
An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mappin...
CVE-2017-14318
An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mappin...
openSUSE Security Update : xen (openSUSE-2017-799)
This update for xen fixes several issues. These security issues were fixed : - CVE-2017-10912: Page transfer might have allowed PV guest to elevate privilege XSA-217, bsc1042882 - CVE-2017-10913 CVE-2017-10914: Races in the grant table unmap code allowed for informations leaks and potentially...
xen-kernel -- GNTTABOP_swap_grant_ref operation misbehavior
The Xen Project reports: With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest...