Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-5044

Malware in sbrugna...

4.7CVSS9.1AI score0.00428EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2023/04/25 12:0 a.m.25 views

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

7.8CVSS7.5AI score0.00264EPSS
Exploits0
CVE
CVE
added 2023/03/21 12:0 a.m.88 views

CVE-2022-42332

CVE-2022-42332 concerns Xen’s shadow mode with log-dirty tracking. In environments where host-assisted addressing is needed but Hardware Assisted Paging is unavailable, Xen’s log-dirty infrastructure did not have memory accounted for in some paths, allowing newly established shadow page tables to...

7.8CVSS7.9AI score0.00268EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.3 views

SUSE CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS6.5AI score0.00428EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2021/08/10 9:21 p.m.58 views

CVE-2021-38198

A flaw was found in the Linux kernel, where it incorrectly computes the access permissions of a shadow page. This issue leads to a missing guest protection page fault. Mitigation Do not disable hardware-assisted paging also known as nested paging and Second Level Address Translation on your hosts...

6.4CVSS1.6AI score0.00469EPSS
Exploits1References3
Xen Project
Xen Project
added 2021/02/18 11:47 a.m.85 views

missed flush in XSA-321 backport

ISSUE DESCRIPTION An oversight was made when backporting XSA-321, leading entries in the IOMMU not being properly updated under certain circumstances. IMPACT A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose...

7.8CVSS0.9AI score0.00356EPSS
Exploits0
Xen Project
Xen Project
added 2017/10/12 12:0 p.m.544 views

x86: Incorrect handling of self-linear shadow mappings with translated guests

ISSUE DESCRIPTION The shadow pagetable code uses linear mappings to inspect and modify the shadow pagetables. A linear mapping which points back to itself is known as self-linear. For translated guests, the shadow linear mappings being in a separate address space are not intended to be self-linea...

8.8CVSS0.1AI score0.0043EPSS
Exploits0Affected Software1
OSV
OSV
added 2014/11/19 6:59 p.m.5 views

DEBIAN-CVE-2014-8594

The dommuupdate function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service NULL pointer dereference by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...

5.4CVSS8.4AI score0.02221EPSS
Exploits0References1
OSV
OSV
added 2014/11/19 6:59 p.m.6 views

UBUNTU-CVE-2014-8594

The dommuupdate function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service NULL pointer dereference by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...

5.4CVSS7.3AI score0.02221EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/11/19 6:59 p.m.35 views

CVE-2014-8594

The dommuupdate function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service NULL pointer dereference by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...

5.4CVSS7.2AI score0.02221EPSS
Exploits0References2
Prion
Prion
added 2014/11/19 6:59 p.m.31 views

Null pointer dereference

The dommuupdate function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service NULL pointer dereference by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...

5.4CVSS6.9AI score0.02221EPSS
Exploits0References8Affected Software3
OSV
OSV
added 2014/08/22 2:55 p.m.9 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

6AI score
Exploits0References10
NVD
NVD
added 2014/08/22 2:55 p.m.24 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS8.1AI score0.00428EPSS
Exploits0References9
Prion
Prion
added 2014/08/22 2:55 p.m.28 views

Design/Logic Flaw

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS6.3AI score0.00428EPSS
Exploits0References9Affected Software2
UbuntuCve
UbuntuCve
added 2014/08/22 2:55 p.m.31 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS7.2AI score0.00428EPSS
Exploits0References3
CVE
CVE
added 2014/08/22 2:0 p.m.72 views

CVE-2014-5146

CVE-2014-5146 affects Xen 4.2.x–4.4.x before the xsa97-hap patch. When using Hardware Assisted Paging (HAP), certain MMU virtualization ops are not preemptible, allowing a local HVM guest to trigger a DoS by consuming all vCPUs for pages assigned to the guest. It is described as a separate issue ...

4.7CVSS4.1AI score0.00428EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2014/08/22 2:0 p.m.34 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS3.4AI score0.00428EPSS
Exploits0
Cvelist
Cvelist
added 2014/08/22 2:0 p.m.32 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7AI score0.00428EPSS
Exploits0References9
Xen Project
Xen Project
added 2014/08/12 12:0 p.m.51 views

Long latency virtual-mmu operations are not preemptible

ISSUE DESCRIPTION Some MMU virtualization operations on HVM guests must process every page assigned to a guest. For larger guests, this can tie up a vcpu for a significant amount of time, as the operations are not preemptible. For guests using Hardware Assisted Paging HAP, see below this is...

4.7CVSS6.8AI score0.00428EPSS
Exploits0Affected Software1
Prion
Prion
added 2013/12/27 1:55 a.m.18 views

Null pointer dereference

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging HAP, allows guest users to cause a denial of service invalid pointer dereference and hypervisor crash via the SAHF instruction...

5.5CVSS6.6AI score0.00676EPSS
Exploits0References4Affected Software4
Rows per page
Query Builder