Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20175

Malware in sbrugna...

7.8CVSS7.4AI score0.00337EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38407

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2024/01/05 5:15 p.m.30 views

CVE-2023-34326

The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...

7.8CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2024/01/05 5:15 p.m.26 views

Memory corruption

The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...

4.3CVSS6.9AI score0.00287EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/01/05 5:15 p.m.38 views

CVE-2023-34326

The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...

7.8CVSS7.1AI score0.00287EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/05 4:30 p.m.2 views

CVE-2023-34326 x86/AMD: missing IOMMU TLB flushing

The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...

7.2AI score0.00287EPSS
Exploits0References1
Veracode
Veracode
added 2023/11/30 8:55 p.m.26 views

Denial Of Service (DoS)

xen is vulnerable to Denial Of Service DoS. The vulnerability exists due to incorrect caching invalidation guidelines in the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 on certain hardware. Updating specific fields of the DTE without flushing the IOMMU TLB can lead to device malfunctions e.g...

7.8CVSS7AI score0.00287EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/11/17 7:5 a.m.7 views

SUSE-SU-2023:4476-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...

7.8CVSS6.7AI score0.12405EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.26 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2023:4476-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4476-1 advisory. - A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 - arm3...

7.8CVSS7.7AI score0.12405EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.39 views

Fedora 39 : xen (2023-de338d9f37)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-de338d9f37 advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

7.8CVSS6.2AI score0.00289EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/10/26 12:0 a.m.33 views

Fedora 37 : xen (2023-881672fdab)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-881672fdab advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

7.8CVSS6.2AI score0.00289EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.30 views

SUSE SLES12: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:4185-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4185-1 advisory. - CVE-2023-34323: Fixed a potential crash in C Xenstored due to an incorrect assertion XSA-440 bsc1215744. - CVE-2023-34326: Fixed ...

7.8CVSS6.4AI score0.00289EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2023/10/25 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2023:4184-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6AI score0.00289EPSS
Exploits0References7
OSV
OSV
added 2023/10/12 7:49 a.m.4 views

SUSE-SU-2023:4054-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored XSA-440, bsc1215744 - CVE-2023-34326: Missing IOMMU TLB flushing XSA-442, bsc1215746 - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling XSA-443, bsc1215747 -...

7.8CVSS6.7AI score0.00289EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-27671

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service data corruption, cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled...

7.8CVSS7.1AI score0.00337EPSS
Exploits0References26
NVD
NVD
added 2022/05/11 5:15 p.m.30 views

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

5.5CVSS0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/11 4:26 p.m.27 views

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

6.3AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/16 5:55 p.m.31 views

CVE-2021-26312

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

6.3AI score0.00239EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2020:3088-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.0041EPSS
Exploits0References7
Veracode
Veracode
added 2021/01/21 4:35 p.m.30 views

Privilege Escalation

xen is vulnerable to privilege escalation. Guest OS users are able to cause a denial of service condition which could cause a data leak and possibly gaining privileges due to the mishandling of the coalescing of per-page IOMMU TLB flushes...

7.8CVSS5.7AI score0.00337EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder