EUVD-2015-2842

Malware in sbrugna...

CLSA-2024-1713864372 Update of grub2

Improve Xen detection so we don't set GRUBENABLEBLSCFG=false for HVM domU guests...

SUSE-SU-2017:3115-1 Security update for xen

This update for xen to version 4.9.1 bsc1027519 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 - bsc1068191...

Debian DLA-571-1 : xen security update (Bunker Buster)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2014-3672 XSA-180 Andrew Sorensen discovered that a HVM domain can exhaust the hosts disk space by filling up the log file. CVE-2016-3158,...

FreeBSD : xen-kernel -- ioreq handling possibly susceptible to multiple read issue (6aa2d135-b40e-11e5-9728-002590263bf5)

The Xen Project reports : Single memory accesses in source code can be translated to multiple ones in machine code by the compiler, requiring special caution when accessing shared memory. Such precaution was missing from the hypervisor code inspecting the state of I/O requests sent to the device...

ioreq handling possibly susceptible to multiple read issue

ISSUE DESCRIPTION Single memory accesses in source code can be translated to multiple ones in machine code by the compiler, requiring special caution when accessing shared memory. Such precaution was missing from the hypervisor code inspecting the state of I/O requests sent to the device model fo...

FreeBSD : xen-kernel -- Long latency populate-on-demand operation is not preemptible (83350009-881e-11e5-ab94-002590263bf5)

The Xen Project reports : When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its...

x86: Long latency populate-on-demand operation is not preemptible

ISSUE DESCRIPTION When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its memory...

xen-kernel -- Long latency populate-on-demand operation is not preemptible

The Xen Project reports: When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its...

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...