Astra Linux - уязвимость в linux

An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then...

CVE-2026-23554

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and...

EUVD-2018-11634

Malware in sbrugna...

EUVD-2022-28144

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

CVE-2025-27466

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

UBUNTU-CVE-2025-58143

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

CVE-2025-27466

CVE-2025-27466 affects the Xen hypervisor due to a NULL pointer dereference in updating the reference TSC area. The CVE set also covers related issues CVE-2025-58142 (NULL pointer dereference when assuming the SIM page is mapped for a synthetic timer) and CVE-2025-58143 (race in mapping the refer...

SUSE CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

Linux Distros Unpatched Vulnerability : CVE-2022-33746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing ma...

CVE-2021-28705

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

CVE-2022-49660

Concrete details found: CVE-2022-49660 is tied to a race condition in the Linux kernel’s xen/arm RB-tree based P2M accounting. The vulnerability arises from concurrent calls to set_foreign_p2m_mapping() and clear_foreign_p2m_mapping() updating the RB-tree (set_phys_to_machine_multi), potentially ...

CVE-2022-49660

...

PT-2025-37190

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

PT-2025-37186

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description The vulnerability is awaiting analysis. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

RHEL 5 : xsa222_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa222 xen: stale P2M mappings due to insufficient error checking XSA-222 CVE-2017-10918 Note that Nessus has not...

SUSE CVE-2012-4537

Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the setp2mentry function fails, which allows local HVM guest OS administrators to cause a denial of service memory consumption and assertion failure, aka "Memory mapping failure DoS...

SUSE CVE-2016-5242

The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...

SUSE CVE-2022-33746

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing...