19 matches found
EUVD-2021-15354
Malware in sbrugna...
SUSE CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
UBUNTU-CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...
grant table v2 status pages may remain accessible after de-allocation (take two)
ISSUE DESCRIPTION Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched back from v2 to v1. The freeing of such...
OracleVM 3.4 : xen (OVMSA-2021-0033)
The remote OracleVM system is missing necessary patches to address security updates: - IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify...
CVE-2021-28701
Another race in XENMAPSPACEgranttable handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches back from v2...
openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...
SUSE SLED12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2021:2924-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2924-1 advisory. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubbed bsc1186428 - CVE-2021-28692: xen:...
Design/Logic Flaw
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
UBUNTU-CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
grant table v2 status pages may remain accessible after de-allocation
ISSUE DESCRIPTION Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched back from v2 to v1. The freeing of such...
CVE-2018-15469
CVE-2018-15469 affects Xen 4.11.x and earlier where ARM grant table v2 is not properly implemented in the hypervisor or Linux. An unprivileged ARM guest can request v2 grant tables that are not correctly set up, causing grant-related hypercalls to trigger a BUG() and crash the hypervisor, i.e., D...
Fedora 27 : xen (2018-c553a586c8)
add Xen page-table isolation XPTI mitigation and Branch Target Injection BTI mitigation for XSA-254 DoS via non-preemptable L3/L4 pagetable freeing XSA-252 1549568 grant table v2 - v1 transition may crash Xen XSA-255 1549570 x86 PVH guest without LAPIC may DoS the host XSA-256 1549572 Note that...
grant table v2 -> v1 transition may crash Xen
ISSUE DESCRIPTION Grant tables come in two flavors versions, and domains are permitted to freely change between them subject to certain constraints. For the guest to use the facility, both the "normal" shared pages applicable to v1 and v2 and the "status" pages applicable to v2 only need to be...