DEBIAN-CVE-2020-11741

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenopr...

DEBIAN-CVE-2020-11739

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to...

CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

Citrix Hypervisor Multiple Security Updates

Description of Problem Several issues have been identified within Citrix Hypervisor, which could, if exploited, allow: privileged code in a PV guest VM to read a single uninitialized 4kB page of memory that may contain data left by a previous VM privileged code in a guest VM to cause the host to...

The vulnerability of Xen hypervisors relates to the improper assignment of permissions for critical resources. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to the occurrence of exceptions that are handled without modifying the processor’s level. Some interrupts are inevitably included when an exception is generated. Exploiting this vulnerability can allow a remote attacker to access confidential data,...

The vulnerability of Xen hypervisors arises from the simultaneous execution using a shared resource with incorrect synchronization. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to an error in the restart operations for volume change operations. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of Xen hypervisors arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to a reliability domain error that may allow access to physical devices. Exploiting this vulnerability can enable attackers to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of Xen hypervisors arises from insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of Xen hypervisors exists due to insufficient checking of input data. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the hypercall_initialise function in Xen hypervisors, related to insufficient validation of input data, allows a malicious actor to trigger a service failure.

The vulnerability of the hypercallinitialise function in Xen hypervisors is related to incorrect error handling for the invalid format symbol. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerabilities of the functions p2m_resolve_translation_fault() and p2m_get_entry() in Xen hypervisors, related to insufficient input data validation, allow attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerabilities of the functions p2mresolvetranslationfault and p2mgetentry in the Xen hypervisor are related to incorrect checks on the root table. Exploitation of these vulnerabilities can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause servi...

The vulnerability of Xen hypervisors arises from insufficient validation of input data, allowing attackers to trigger service failures or increase their privileges.

The vulnerability of Xen hypervisors exists due to insufficient checking of input data. Exploiting this vulnerability can allow attackers to cause service failures or increase their privileges...

The vulnerability of Xen hypervisors relates to the insecure management of privileges, which allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to an emulation error in PV x86, where there is no check for the limit on the descriptor table. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of Xen hypervisors relates to insufficient validation of input data, allowing attackers to trigger a service failure.

The vulnerability of Xen hypervisors is related to an error in the VMX VMEntry function, which does not handle certain cases correctly. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of Xen hypervisors relates to insufficient validation of input data. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors relates to the dynamic adaptation of the number of page levels in the IOMMU, in accordance with the size of the address space of the user. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause...

The vulnerability of Xen hypervisors relates to the execution of loops with an unavailable exit condition, allowing a malicious actor to cause a service failure.

The vulnerability of Xen hypervisors is related to incorrect processing of bits during iterations. Exploiting this vulnerability can allow an attacker to cause a service failure...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw in the Xen hypervisor IOMMU error handling implementation could allow a privileged guest user, within a guest operating system that has direct control of a PCI device, to cause performance degradation on the host an...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one th...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as an off-by-one flaw was found in the addrok macro in the Linux kernel's Xen hypervisor implementation when running on 64-bit systems. A privileged guest user could trigger this flaw to cause the hypervisor to crash...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the way the Linux kernel's Xen hypervisor implementation emulated the SAHF instruction. When using a fully-virtualized guest on a host that does not use hardware assisted paging HAP, such as those runni...