3 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-28703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of...
SUSE CVE-2014-4022
The allocdomainstruct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOPsetuptable...
information leak via gnttab_setup_table on ARM
ISSUE DESCRIPTION When initialising an internal data structure on ARM platform Xen was not correctly initialising the memory containing the list of a domain's grant table pages. This list is returned by the GNTTABOPsetuptable subhypercall, leading to an information leak. IMPACT Malicious guest...