14 matches found
DEBIAN-CVE-2022-42330
Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" e.g. for performing a kexec the libxl based Xen toolstack will normally perform a XSRELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XSRELEASE will have...
CVE-2021-28687
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...
CVE-2021-28687
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...
UBUNTU-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
Unrestricted qemu logging
ISSUE DESCRIPTION When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen. This output is not rate-limited in any way. The guest can easily cause qemu to print messages to stderr, causing this file to become arbitrarily large. IMPACT The disk...
xen-tools -- Unrestricted qemu logging
The Xen Project reports: When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen. This output is not rate-limited in any way. The guest can easily cause qemu to print messages to stderr, causing this file to become arbitrarily large. The disk...
Xen libxl toolstack library denial of service vulnerability
Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. The Xen ibxl toolstack library fails to properly release the file mappings made for the kernel and initial virtual disks when managing multiple domains in the same process, allowi...
CVE-2015-8341
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...
DEBIAN-CVE-2015-8341
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...
UBUNTU-CVE-2015-8341
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...
CVE-2015-8341
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...
CVE-2015-8341
CVE-2015-8341 affects the Xen libxl toolstack in Xen 4.1.x–4.6.x, where mappings for pv kernel/initrd may not be properly released when managing multiple domains in one process. This can allow a local attacker to cause DoS via memory and disk consumption by starting domains. Connected advisories ...
xen-tools -- HVM qemu unexpectedly enabling emulated VGA graphics backends
The Xen Project reports: When instantiating an emulated VGA device for an x86 HVM guest qemu will by default enable a backend to expose that device, either SDL or VNC depending on the version of qemu and the build time configuration. The libxl toolstack library does not explicitly disable these...
use-after-free in libxl_list_cpupool under memory pressure
ISSUE DESCRIPTION If realloc3 fails then libxllistcpupool will incorrectly return the now-free original pointer. IMPACT An attacker may be able to cause a multithreaded toolstack using this function to race against itself leading to heap corruption and a potential DoS. Depending on the malloc...