CVE-2022-42316

Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...

PT-2024-23795

Name of the Vulnerable Software and Affected Versions Xapi affected versions not specified Description Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories SRs. The metadata itself is stored in a Virtual Disk Image VDI inside an SR. A maliciou...

kernel: untrusted VMM can trigger int80 syscall handling

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...

SUSE CVE-2022-33747

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M Physical-to-Machine mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation to replace a...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.60 and fixes at least the following security issues: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the a...