5613 matches found
ALPINE-CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
DEBIAN-CVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
ALPINE-CVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
CVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
Design/Logic Flaw
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
Design/Logic Flaw
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28697
CVE-2021-28697 concerns Xen grant table v2 status pages: race conditions in freeing/deallocation of grant-table pages can allow a guest to retain access to a memory page after it has been freed, potentially enabling memory access after switches between v2 and v1. The issue is caused by racing gue...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-28698
CVE-2021-28698 is described in CTX325319 as a Xen-related issue affecting Citrix Hypervisor where a malicious privileged code in a guest VM could cause host denial of service or host compromise, under conditions such as PCI passthrough with identity-mapped memory regions and multiple vCPUs. Citri...
CVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones...
SUSE-SU-2021:2862-1 Security update for spectre-meltdown-checker
This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 bsc1189477 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression 370 - enh: arm: add experimental support for binary arm images - enh: rs...
PT-2021-6824 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to the dom0less feature of the Xen hypervisor, which allows administrators to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit for...
PT-2021-6805 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to improper authorization in the Xen hypervisor. Exploitation of this issue allows an attacker to access sensitive data, compromise its integrity, and cause a denial of...
CVE-2021-28700
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...
PT-2021-6610 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to long running loops in grant table handling. Xen maintains information on grant mappings a domain may create to map grants offered by other domains. When carrying out...
PT-2021-6609 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to inadequate access control in the Xen hypervisor. Exploitation of this issue allows an attacker to access confidential data, compromise its integrity, and cause a denial ...
Security update for spectre-meltdown-checker (moderate)
openSUSE Security Update: Security update for spectre-meltdown-checker Announcement ID: openSUSE-SU-2021:2861-1 Rating: moderate References: 1189477 Cross-References: CVE-2017-5753 CVSS scores: CVE-2017-5753 NVD : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2017-5753 SUSE: 7.1...