9 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
Guests can trigger the reset/abort/crash of the NIC interface through netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux-based network backend by sending certain types of packets. It seems to be an unstated assumption in the rest of the Linux network stack...
CVE-2022-49649
In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting the rx queue not being empty, but in case the loop in xenvifrxaction is doing multiple iterations, the availability of another skb in...
USN-6446-2 linux-gcp-5.15, linux-gkeop-5.15 vulnerabilities
Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...
SUSE CVE-2021-28691
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will...
PT-2023-33130 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the xen/netback component, where protocol headers may fall in the non-linear area. The actual impact and attack plausibility have not yet been proven. Recommendations...
USN-5046-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.11, linux-kvm, linux-oracle, linux-raspi vulnerabilities
It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. CVE-2020-26558, CVE-2021-0129 Michael Brown discovered that the Xen netback driver in the Linux kernel did...
The vulnerability of the xen-netback component in the Linux operating system allows a hacker to increase their privileges or expose sensitive information.
The vulnerability of the xen-netback component in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges or disclose sensitive information...
USN-3820-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-15471 It was discovered that the generic SCSI...
CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...