CVE-2026-23558

A flaw was found in Xen. A race condition exists when a Hardware Virtual Machine HVM or Para-Virtualization Hybrid PVH guest changes its grant table version from v2 to v1 while simultaneously mapping status pages. This can lead to some status pages being freed while still mapped in the guest's...

grant table v2 race in status page mapping

ISSUE DESCRIPTION The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status pages via XENMEMaddtophysmap. Some of the status pages may then b...

Linux Distros Unpatched Vulnerability : CVE-2018-15469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest...

SUSE CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

SUSE CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

ALPINE-CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

Xen 竞争条件问题漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a security vulnerability that can be...

UBUNTU-CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

DEBIAN-CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

CVE-2012-5510

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service hypervisor crash via unspecified vectors...

CVE-2012-5510

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service hypervisor crash via unspecified vectors...