CVE-2023-30612 Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor

Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...

CVE-2023-30612 Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor

Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...

CVE-2023-30612 Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor

Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...

PT-2023-22809 · Unknown · Cloud Hypervisor

Name of the Vulnerable Software and Affected Versions: Cloud Hypervisor versions 30.0 through 31.0 Description: This issue allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP requests through the HTTP API socket, potentially causing...

Cloud hypervisor 资源管理错误漏洞

Cloud hypervisor is Cloud hypervisor's virtual machine monitor for modern cloud workloads. Cloud hypervisor suffers from an access control error vulnerability that originates from allowing a user to send a malicious HTTP request via an HTTP API socket, which can be exploited by an attacker to cau...

CVE-2023-30547

A flaw was found in the vm2 sandbox. When exception handling is triggered, an unsanitized host is not managed properly. This issue may allow an attacker to bypass the sandbox protections, which can lead to remote code execution on the hypervisor host or the host that is running the sandbox...

CVE-2023-29199

A flaw was found in the vm2 sandbox. When exception handling is triggered, the sanitization logic is not managed with proper exception handling. This issue may allow an attacker to bypass the sandbox protections which can lead to remote code execution on the hypervisor host or the host which is...

CVE-2022-4450 affecting package cloud-hypervisor for versions less than 30.0-2

CVE-2022-4450 affecting package cloud-hypervisor for versions less than 30.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-0215 affecting package cloud-hypervisor for versions less than 30.0-2

CVE-2023-0215 affecting package cloud-hypervisor for versions less than 30.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-28448 affecting package cloud-hypervisor for versions less than 30.0-2

CVE-2023-28448 affecting package cloud-hypervisor for versions less than 30.0-2. A patched version of the package is available...

CVE-2023-0286 affecting package cloud-hypervisor for versions less than 30.0-2

CVE-2023-0286 affecting package cloud-hypervisor for versions less than 30.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2022-4304 affecting package cloud-hypervisor for versions less than 30.0-2

CVE-2022-4304 affecting package cloud-hypervisor for versions less than 30.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2021-45464

Removed by vendor...

SUSE CVE-2023-26964

An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RSTSTREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service DoS...

Driver Disk for Microsemi smartpqi 2.1.22 - For Citrix Hypervisor 8.2 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- smartpqi| SAS/Storage Controller| 2.1.22040 Issues resolved in thi...

Driver Disk for Cisco enic 4.4.0.1-930.6 - For Citrix Hypervisor 8.2 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Cisco's enic driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- enic| Ethernet/NIC| 4.4.0.1-930.6 Issues resolved in this driver disk...

Citrix Hypervisor - Unable to join server to existing pool

Unable to join the server to pool. Error from xencenter: "The server was unable to contact your domain server to enable external authentication. Check that your settings are correct and a route to the server exists."...

Fedora: Security Advisory for xen (FEDORA-2023-04b5338dd0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: xen-4.16.3-4.fc36

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

SUSE-SU-2023:1776-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2023-26604: Fixed a privilege escalation via the less pager. bsc1208958 - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suiddumpable kernel setting bsc1205000. - CVE-2022-3821: Fixed buffer overrun in formattimespan...