Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-15354

Malware in sbrugna...

7.8CVSS7.5AI score0.00263EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.6 views

SUSE CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

6.3CVSS6.8AI score0.00305EPSS
Exploits0References4
NVD
NVD
added 2021/12/07 12:15 p.m.17 views

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

7CVSS0.00305EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2021/12/07 12:15 p.m.26 views

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

7CVSS0.4AI score0.00305EPSS
Exploits0
OSV
OSV
added 2021/12/07 12:15 p.m.3 views

UBUNTU-CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

7CVSS7.1AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/12/07 12:0 a.m.18 views

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

7.6AI score0.00305EPSS
Exploits0References2
Xen Project
Xen Project
added 2021/11/23 12:0 p.m.44 views

grant table v2 status pages may remain accessible after de-allocation (take two)

ISSUE DESCRIPTION Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched back from v2 to v1. The freeing of such...

7CVSS7.1AI score0.00305EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/12 12:0 a.m.42 views

OracleVM 3.4 : xen (OVMSA-2021-0033)

The remote OracleVM system is missing necessary patches to address security updates: - IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify...

7.8CVSS6.4AI score0.00381EPSS
Exploits0References13
NVD
NVD
added 2021/09/08 2:15 p.m.12 views

CVE-2021-28701

Another race in XENMAPSPACEgranttable handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches back from v2...

7.8CVSS0.00257EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/09/04 12:0 a.m.45 views

openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...

7.8CVSS6.2AI score0.0187EPSS
Exploits0References41
Tenable Nessus
Tenable Nessus
added 2021/09/04 12:0 a.m.38 views

SUSE SLED12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2021:2924-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2924-1 advisory. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubbed bsc1186428 - CVE-2021-28692: xen:...

7.8CVSS6.7AI score0.0187EPSS
Exploits0References52
Prion
Prion
added 2021/08/27 7:15 p.m.24 views

Design/Logic Flaw

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

4.6CVSS7.5AI score0.00263EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2021/08/27 7:15 p.m.3 views

UBUNTU-CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

7.8CVSS5.8AI score0.00263EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2021/08/27 6:37 p.m.25 views

CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

7.8CVSS0.6AI score0.00263EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/08/27 12:0 a.m.29 views

CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

7.8CVSS7.1AI score0.00263EPSS
Exploits0References2
Xen Project
Xen Project
added 2021/08/25 12:0 p.m.56 views

grant table v2 status pages may remain accessible after de-allocation

ISSUE DESCRIPTION Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched back from v2 to v1. The freeing of such...

7.8CVSS0.3AI score0.00263EPSS
Exploits0Affected Software1
CVE
CVE
added 2018/08/17 5:0 p.m.91 views

CVE-2018-15469

CVE-2018-15469 affects Xen 4.11.x and earlier where ARM grant table v2 is not properly implemented in the hypervisor or Linux. An unprivileged ARM guest can request v2 grant tables that are not correctly set up, causing grant-related hypercalls to trigger a BUG() and crash the hypervisor, i.e., D...

6.5CVSS6.1AI score0.00421EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/07 12:0 a.m.39 views

Fedora 27 : xen (2018-c553a586c8)

add Xen page-table isolation XPTI mitigation and Branch Target Injection BTI mitigation for XSA-254 DoS via non-preemptable L3/L4 pagetable freeing XSA-252 1549568 grant table v2 - v1 transition may crash Xen XSA-255 1549570 x86 PVH guest without LAPIC may DoS the host XSA-256 1549572 Note that...

8.8CVSS7.1AI score0.00442EPSS
Exploits0References4
Xen Project
Xen Project
added 2018/02/27 12:0 p.m.563 views

grant table v2 -> v1 transition may crash Xen

ISSUE DESCRIPTION Grant tables come in two flavors versions, and domains are permitted to freely change between them subject to certain constraints. For the guest to use the facility, both the "normal" shared pages applicable to v1 and v2 and the "status" pages applicable to v2 only need to be...

8.8CVSS8AI score0.0044EPSS
Exploits0Affected Software1
Rows per page
Query Builder