148 matches found
EUVD-2019-9194
Malware in sbrugna...
EUVD-2020-21928
Malware in sbrugna...
EUVD-2020-21851
Malware in sbrugna...
EUVD-2020-7550
Malware in sbrugna...
EUVD-2021-26642
Malware in sbrugna...
EUVD-2007-6382
Malware in sbrugna...
EUVD-2013-4257
Malware in sbrugna...
EUVD-2013-2166
Malware in sbrugna...
EUVD-2014-8697
Malware in sbrugna...
CVE-2023-46842
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...
CVE-2023-46842 x86 HVM hypercalls may trigger Xen bug check
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...
CVE-2023-46842
CVE-2023-46842 affects the Xen hypervisor. The VULNERABILITY allows HVM guests to switch between 64-bit and other modes, enabling potential manipulation of registers used for 32-bit hypercall arguments. Translation of hypercall arguments and lax sanity checks on register high halves can trigger a...
CVE-2023-46840
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...
CVE-2023-46840
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2024:0830-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0830-1 advisory. - The vulnerability allows a malicious guest to gain access to sensitive information. The...
x86: shadow stack vs exceptions from emulation stubs
ISSUE DESCRIPTION Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and...
Mis-handling Cache Attributes
xen is vulnerable to Mis-handling Cache Attributes. The vulnerability allows entities controlling HVM guests to run the host out of resources or stall execution of a physical CPU for effectively unbounded periods of time which could lead to a denial of service to the affected users...
x86 shadow paging arbitrary pointer dereference
ISSUE DESCRIPTION In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...