CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018...

CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 are vulnerable to an access-control flaw that allows an attacker who gains service access to the FSP to read and write arbitrary host memory via crafted service procedures. Impact: high confidentiality and integrity, no availability impact. Affected ...

Security Bulletin: The PowerVM hypervisor can violate the isolation between peer VMs in certain scenarios

Summary A specific sequence of VM management operations from the management console HMC, Novalink, or PowerVC can lead to a violation of the isolation between peer VMs. Vulnerability Details CVEID: CVE-2021-38918 DESCRIPTION: IBM PowerVM Hypervisor through a specific sequence of VM management...

AMD EPYC Embedded Processors 安全漏洞

AMD EPYC is an x86 server microprocessor product line from AMD, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC Embedded Processors, where an unprivileged process executed by a malicious hypervisor in a VM could maliciously take...

Security Bulletin: The PowerVM hypervisor is vulnerable to a carefully crafted IBMi hypervisor call that can lead to a system crash

Summary The PowerVM hypervisor is vulnerable to a carefully crafted IBMi hypervisor call that can lead to a system crash Vulnerability Details CVEID: CVE-2021-38937 DESCRIPTION: IBM PowerVM Hypervisor could allow an authenticated user to cause the system to crash using a specially crafted IBMi...

Security Bulletin: The PowerVM hypervisor can allow an attacker that gains service access to the FSP to read and write system memory

Summary On PowerVM systems an attacker that gains service access to the FSP can read and write system memory through a series of carefully crafted service procedures Vulnerability Details CVEID: CVE-2021-38917 DESCRIPTION: IBM PowerVM Hypervisor could allow an attacker that gains service access t...

[SECURITY] Fedora 34 Update: xen-4.14.3-3.fc34

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from IBM USA, Inc. provides a secure and scalable virtualization environment for applications built on the advanced RAS capabilities and leading performance of the Power Systems platform.A denial-of-service vulnerability exists in IBM PowerVM Hypervisor th...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from Universal Business Machines IBM, Inc. provides a secure and scalable virtualization environment for applications that are built on the advanced RAS capabilities and leading performance of the Power Systems platform.A security vulnerability exists in I...

Fedora: Security Advisory for xen (FEDORA-2021-2b3a2de94f)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

ALPINE-CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

CVE-2021-28703

CVE-2021-28703 describes a Xen hypervisor issue where grant table v2 status pages could remain accessible after de-allocation due to race conditions in guest mappings. The hypervisor tracks only a single use in guest space, so concurrent mapping requests could cause a page to be mapped in multipl...

The vulnerability of the implementation of Intel Virtualization Technology for Directed I/O (VT-d) in Xen hypervisors on Intel x86-based computers allows a hacker to enhance their privileges.

The vulnerability of the Intel Virtualization Technology for Directed I/O VT-d implementation in Xen hypervisors on Intel x86-based computers is related to incorrect processing of the address translation table. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

openSUSE 15 Security Update : xen (openSUSE-SU-2021:1543-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1543-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via...

[SECURITY] [DSA 5017-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5017-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 05, 2021 https://www.debian.org/security/faq -...

Fedora: Security Advisory for xen (FEDORA-2021-03645e9807)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: xen-4.15.1-4.fc35

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

UVI-2021-1002278 x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails

x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.82 by commit...