Lucene search
K

37 matches found

OSV
OSV
added 2023/06/29 12:38 p.m.12 views

USN-6192-1 linux, linux-allwinner, linux-allwinner-5.19, linux-aws, linux-aws-5.19, linux-azure, linux-gcp, linux-gcp-5.19, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, linux-starfive, linux-starfive-5.19 vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 Xingyuan Mo and Gengjia Chen...

7.8CVSS6.9AI score0.00532EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2023/06/29 12:38 p.m.75 views

USN-6192-1: Linux kernel vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 Xingyuan Mo and Gengjia Chen...

7.8CVSS7.3AI score0.00532EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/05/16 8:43 a.m.6 views

kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva

A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...

6.9CVSS6.6AI score0.00318EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

6.2CVSS6.9AI score0.00353EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2021/01/19 12:0 a.m.31 views

Xen INVLPG-like flushes may leave stale TLB entries privilege escalation (XSA-286)

A privilege escalation vulnerability exists in Xen x86 PV guest kernels due to mishandles invalidation of TLB entries An unauthenticated, local attacker x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during...

5.3CVSS7.2AI score0.00353EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.37 views

openSUSE Security Update : xen (openSUSE-2020-1844)

This update for xen fixes the following issues : - bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 - bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 - bsc1177413 - VUL-0: CVE-2020-27671: xen: undue...

7.8CVSS6.3AI score0.0041EPSS
Exploits0References8
OSV
OSV
added 2020/10/22 9:15 p.m.25 views

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS6.7AI score
Exploits0References7
NVD
NVD
added 2020/10/22 9:15 p.m.19 views

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS0.00353EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2020/10/22 9:15 p.m.21 views

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS6.8AI score0.00353EPSS
Exploits0References2
OSV
OSV
added 2020/10/22 9:15 p.m.3 views

UBUNTU-CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS7.2AI score0.00353EPSS
Exploits0References3
CVE
CVE
added 2020/10/22 8:33 p.m.160 views

CVE-2020-27674

CVE-2020-27674 is a Xen hypervisor local privilege escalation affecting Xen 4.14.x and earlier where x86 PV guests can gain guest OS privileges by modifying kernel memory contents due to mishandled invalidation of TLB entries in an INVLPG-like attack. The issue enables a local attacker to escalat...

5.3CVSS5.9AI score0.00353EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2020/10/22 8:33 p.m.24 views

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS6.2AI score0.00353EPSS
Exploits0
Xen Project
Xen Project
added 2020/10/20 12:0 p.m.46 views

x86 PV guest INVLPG-like flushes may leave stale TLB entries

ISSUE DESCRIPTION x86 PV guest kernels may use hypercalls with INVLPG-like behavior to invalidate TLB entries even after changes to non-leaf page tables. Such changes to non-leaf page tables will, however, also render stale possible TLB entries created by Xen's internal use of linear page tables ...

5.3CVSS0.2AI score0.00353EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/02/29 12:0 a.m.35 views

FreeBSD : xen-kernel -- VMX: intercept issue with INVLPG on non-canonical address (80adc394-ddaf-11e5-b2bd-002590263bf5)

The Xen Project reports : While INVLPG does not cause a General Protection Fault when used on a non-canonical address, INVVPID in its 'individual address' variant, which is used to back the intercepted INVLPG in certain cases, fails in such cases. Failure of INVVPID results in a hypervisor bug...

6.3CVSS7.1AI score0.01277EPSS
Exploits0References3
CNVD
CNVD
added 2016/01/28 12:0 a.m.6 views

Xen 'paging_invlpg' function denial of service vulnerability

Xen is an open source virtual machine monitor product developed by the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in t...

6.3CVSS8.2AI score0.01277EPSS
Exploits0References1
Xen Project
Xen Project
added 2016/01/20 12:0 p.m.87 views

VMX: intercept issue with INVLPG on non-canonical address

ISSUE DESCRIPTION While INVLPG does not cause a General Protection Fault when used on a non-canonical address, INVVPID in its "individual address" variant, which is used to back the intercepted INVLPG in certain cases, fails in such cases. Failure of INVVPID results in a hypervisor bug check...

6.3CVSS0.1AI score0.01277EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2016/01/20 12:0 a.m.37 views

xen-kernel -- VMX: intercept issue with INVLPG on non-canonical address

The Xen Project reports: While INVLPG does not cause a General Protection Fault when used on a non-canonical address, INVVPID in its "individual address" variant, which is used to back the intercepted INVLPG in certain cases, fails in such cases. Failure of INVVPID results in a hypervisor bug...

6.3CVSS1.6AI score0.01277EPSS
Exploits0References1
Rows per page
Query Builder