318 matches found
DEBIAN-CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
CVE-2017-8903
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...
CVE-2017-8903
CVE-2017-8903 affects Xen on 64-bit platforms (Xen through 4.8.x) where page tables are mishandled after an IRET hypercall. This could let a PV guest OS user execute arbitrary code on the host OS (XSA-213). Connected sources corroborate the body of the vulnerability (XSA-213) and describe the hos...
Xen Hypervisor Multiple Vulnerabilities (XSA-213 - XSA-215)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the getuser function due to permissions for accessing MMIO ranges being checked only after accessing them. A...
Xen 64bit PV Guest - pagetable use-after-type-change Breakout Vulnerability
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1231 This is a bug in Xen that permits an attacker with control over the kernel of a 64bit X86 PV guest to write arbitrary entries into a live top-level pagetable. To prevent PV...
x86: 64bit PV guest breakout via pagetable use-after-mode-change
ISSUE DESCRIPTION 64-bit PV guests typically use separate root page tables for their kernel and user modes. Hypercalls are accessible to guest kernel context only, which certain hypercall handlers make assumptions on. The IRET hypercall replacing the identically name CPU instruction is used by...
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout Vulnerability
Exploit for multiple platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...
Xen - Broken Check in memory_exchange() Permits PV Guest Breakout
Xen - Broken Check in memoryexchange Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...
Xen: broken check in memory_exchange() permits PV guest breakout(CVE-2017-7228)
Detailed analysis: Pandavirtualization: Exploiting the Xen hypervisor This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with the hypervisor privileges. The vulnerability was introduced through a broken fix for...
CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
DEBIAN-CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
PT-2016-6414 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS infinite loop. This occurs when a H CEDE hypercall is made during the existence of a suspended transaction,...
CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...
UBUNTU-CVE-2016-5412
arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...