Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4329

The xenlight library libxl in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction...

6.5CVSS6.7AI score0.00531EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2017/12/02 6:10 p.m.320 views

Security update for xen (important)

This update for xen to version 4.9.1 bsc1027519 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 - bsc1068191...

9CVSS4.4AI score0.02806EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/11/30 12:0 a.m.40 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:3115-1)

This update for xen to version 4.9.1 bsc1027519 fixes several issues. This new feature was added : - Support migration of HVM domains larger than 1 TB These security issues were fixed : - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 -...

9.1CVSS6.9AI score0.02806EPSS
Exploits0References11
Xen Project
Xen Project
added 2016/12/06 12:0 p.m.54 views

qemu ioport array overflow

ISSUE DESCRIPTION The code in qemu which implements ioport read/write looks up the specified ioport address in a dispatch table. The argument to the dispatch function is a uint32t, and is used without a range check, even though the table has entries for only 2^16 ioports. When qemu is used as a...

7.5CVSS0.00364EPSS
Exploits0
Xen Project
Xen Project
added 2016/07/27 3:0 p.m.67 views

virtio: unbounded memory allocation issue

ISSUE DESCRIPTION A guest can submit virtio requests without bothering to wait for completion and is therefore not bound by virtqueue size. This requires reusing vring descriptors in more than one request, which is incorrect but possible. Processing a request allocates a VirtQueueElement and...

5.5CVSS0.5AI score0.0052EPSS
Exploits0
Xen Project
Xen Project
added 2013/09/10 10:56 a.m.93 views

libxl partially sets up HVM passthrough even with disabled iommu

ISSUE DESCRIPTION With HVM domains, libxl's setup of PCI passthrough devices does the IOMMU setup after giving via the device model the guest access to the hardware and advertising it to the guest. If the IOMMU is disabled the overall setup fails, but after the device has been made available to t...

6.5CVSS2AI score0.00531EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/09/10 12:0 a.m.39 views

Debian DSA-2543-1 : xen-qemu-dm-4.0 - multiple vulnerabilities

Multiple vulnerabilities have been discovered in xen-qemu-dm-4.0, the Xen QEMU Device Model virtual machine hardware emulator. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-3515 : The device model for HVM domains does not properly handle VT100...

7.2CVSS7.7AI score0.00528EPSS
Exploits0References6
Rows per page
Query Builder