EUVD-2022-28144

Malicious code in bioql PyPI...

RHEL 5 : xsa222_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa222 xen: stale P2M mappings due to insufficient error checking XSA-222 CVE-2017-10918 Note that Nessus has not...

CVE-2022-33747

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M Physical-to-Machine mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation to replace a...

CVE-2022-23033

arm: guestphysmapremovepage not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the vali...

CVE-2022-23033

arm: guestphysmapremovepage not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the vali...

CVE-2022-23033

arm: guestphysmapremovepage not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the vali...

CVE-2022-23033

arm: guestphysmapremovepage not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the vali...

arm: guest_physmap_remove_page not removing the p2m mappings

ISSUE DESCRIPTION The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a vali...

Citrix XenServer Multiple Vulnerabilities (CTX224740)

The version of Citrix XenServer installed on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities : - A flaw exists that causes grant table operations to fail due to improper handling of reference counts. An unauthenticated, remote attacker can...

stale P2M mappings due to insufficient error checking

ISSUE DESCRIPTION Certain actions require removing pages from a guest's P2M Physical-to-Machine mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation to replace a large mapping with individual smaller ones. If...