EUVD-2015-8224

Malware in sbrugna...

SUSE CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

SUSE CVE-2015-8340

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service deadlock or host crash via unspecified vectors, related to XENMEMexchange error handling...

SUSE CVE-2019-17342

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEMexchange was introduced...

UBUNTU-CVE-2019-17342

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEMexchange was introduced...

Xen Denial of Service Vulnerability (CNVD-2019-34762)

Xen is an open source virtual machine monitor product. Xen suffers from a denial-of-service vulnerability that stems from the presence of a race condition after the introduction of XENMEMexchange, which can be exploited by an x86 PV client OS attacker to cause a denial of service or gain privileg...

OracleVM 3.2 : xen (OVMSA-2017-0159)

The remote OracleVM system is missing necessary patches to address critical security updates : - The code of OVM3.2.9 is quite old, there is no getpage/putpage pair to protect the ownership and references of page table page which is mapped in emulatemapdest. This patch fix it by adding getpage in...

Security update for xen (important)

This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memoryexchange permited PV guest breakout bsc1030442. - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or...

SUSE SLES11 Security Update : xen (SUSE-SU-2017:1058-1)

This update for xen fixes the following security issues : - CVE-2017-7228: Broken check in memoryexchange permited PV guest breakout bsc1030442. - CVE-2017-6414: Memory leak in the vcardapdunew function in card7816.c in libcacard allowed local guest OS users to cause a denial of service host memo...

Fedora 25 : xen (2017-054729ab08)

Qemu: 9pfs: host memory leakage via v9fscreate CVE-2017-7377 1437873 x86: broken check in memoryexchange permits PV guest breakout XSA-212, CVE-2017-7228 1438804 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

DEBIAN-CVE-2017-7228

An issue known as XSA-212 was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arra...

DEBIAN-CVE-2015-8340

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service deadlock or host crash via unspecified vectors, related to XENMEMexchange error handling...

CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

UBUNTU-CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

CVE-2015-8339

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service host crash via unspecified vectors related to domain teardown...

SuSE 11.2 Security Update : Xen (SAT Patch Number 7492)

XEN has been updated to fix various bugs and security issues : - XSA 36 To avoid an erratum in early hardware, the Xen AMD IOMMU code by default choose to use a single interrupt remapping table for the whole system. This sharing implied that any guest with a passed through PCI device that is bus...