Linux Distros Unpatched Vulnerability : CVE-2021-4147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting ...

Linux Distros Unpatched Vulnerability : CVE-2022-48765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: LAPIC: Also cancel preemption timer during SETLAPIC The below warning is splatting during guest reboot. ------------ cut here ------------ WARNING: CPU: 0...

Vulnerability of the arch/x86/kvm/x86.c component and lapic_shutdown within the Kernel-Based Virtual Machine (KVM) virtualization subsystem of the Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability in the arch/x86/kvm/x86.c component of the KVM kernel-based virtualization subsystem in Linux operating systems is related to the disabling of the tsc-deadline mode and the execution of a reboot in the guest system. Exploiting this vulnerability can allow an attacker to cause a...

SUSE CVE-2022-48765

In the Linux kernel, the following vulnerability has been resolved: KVM: LAPIC: Also cancel preemption timer during SETLAPIC The below warning is splatting during guest reboot. ------------ cut here ------------ WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvmarchvcpuioctlrun+0x874/0x880...

DEBIAN-CVE-2022-48765

In the Linux kernel, the following vulnerability has been resolved: KVM: LAPIC: Also cancel preemption timer during SETLAPIC The below warning is splatting during guest reboot. ------------ cut here ------------ WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvmarchvcpuioctlrun+0x874/0x880...

kernel: KVM: LAPIC: Also cancel preemption timer during SET_LAPIC

A vulnerability was found in the Linux kernel's KVM component related to the LAPIC during the guest reboot process. This issue arises when the SETLAPIC command is issued without exposing the tsc-deadline mode, leading to warnings and potential inconsistencies due to an unhandled preemption timer...

kernel: KVM: LAPIC: Also cancel preemption timer during SET_LAPIC

A vulnerability was found in the Linux kernel's KVM component related to the LAPIC during the guest reboot process. This issue arises when the SETLAPIC command is issued without exposing the tsc-deadline mode, leading to warnings and potential inconsistencies due to an unhandled preemption timer...

CVE-2021-4147

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition...

UBUNTU-CVE-2021-4147

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition...

ALPINE-CVE-2018-5244

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service host OS memory consumption by rebooting many...

DEBIAN-CVE-2017-14431

Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

Code injection

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

OracleVM 3.0 : xen (OVMSA-2012-0020)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86-64: detect processors subject to AMD erratum 121 and refuse to bootCVE-2006-0744 - guest denial of service on syscall/sysenter exception generation CVE-2012-0217 - Remove unnecessary balloon retri...