Lucene search
K

9 matches found

BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.5 views

The vulnerability of the x86 HVM Hypercall Handler component of the cross-platform hypervisor Xen in the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the x86 HVM Hypercall Handler component in the cross-platform hypervisor Xen for Linux operating systems is related to the ability to freely switch between 64-bit and other system modes. Exploiting this vulnerability could allow an attacker to trigger a service failure...

6.5CVSS5.5AI score0.0853EPSS
Exploits0References6Affected Software5
exploitpack
exploitpack
added 2017/04/11 12:0 a.m.45 views

Xen - Broken Check in memory_exchange() Permits PV Guest Breakout

Xen - Broken Check in memoryexchange Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...

6.9CVSS0.00406EPSS
Exploits4
OSV
OSV
added 2015/08/11 2:48 p.m.6 views

SUSE-SU-2015:1479-1 Security update for xen

xen was updated to fix the following security issues: CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model bsc939712, XSA-140 CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol bsc939709, XSA-139 CVE-2015-2751: Certain domctl operations could have be used to...

9.3CVSS7.8AI score0.13288EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.34 views

FreeBSD : xen-kernel -- vulnerability in the iret hypercall handler (8c31b288-27ec-11e5-a4a5-002590263bf5)

The Xen Project reports : A buggy loop in Xen's compatiret function iterates the wrong way around a 32-bit index. Any 32-bit PV guest kernel can trigger this vulnerability by attempting a hypercalliret with EFLAGS.VM set. Given the use of get/putuser, and that the virtual addresses in question ar...

4.9CVSS7.6AI score0.00437EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.31 views

Fedora 22 : xen-4.5.0-11.fc22 (2015-10001)

stubs-32.h is back, so revert to previous behaviour. Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209. GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163. vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164. Note that Tenable...

7.5CVSS7.6AI score0.09668EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.37 views

Fedora 20 : xen-4.3.4-6.fc20 (2015-9965)

Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209 1230537 GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163 vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164 Potential unintended writes to host MSI message data field via qem...

7.8CVSS7.7AI score0.09668EPSS
Exploits0References11
OPENSUSE Linux
OPENSUSE Linux
added 2015/06/22 2:4 p.m.34 views

Security update for xen (important)

Xen was updated to fix eight vulnerabilities. The following vulnerabilities were fixed: CVE-2015-2751: Certain domctl operations may be abused to lock up the host XSA-127 boo922709 CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104:...

7.8CVSS0.6AI score0.09668EPSS
Exploits0References8
OSV
OSV
added 2015/06/13 12:0 a.m.37 views

DSA-3286-1 xen - security update

Bulletin has no description...

7.8CVSS6.4AI score0.09668EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/06/12 12:0 a.m.30 views

Citrix XenServer Multiple Security Updates (CTX201145)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...

7.8CVSS7.8AI score0.03427EPSS
Exploits0References1
Rows per page
Query Builder