77 matches found
CVE-2019-11487
The Linux kernel before 5.1-rc5 allows page-refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipefsi.h, kernel/trace/trace.c, mm/gup.c, and...
pin count / page reference race in grant table code
ISSUE DESCRIPTION Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns...
CVE-2017-15597 - Citrix XenServer Security Update
Description of Problem A security vulnerability has been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. This vulnerability affects all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.2. The...
DEBIAN-CVE-2015-6654
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
UBUNTU-CVE-2015-6654
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
SUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)
Xen has been updated to fix six security issues : - Guest effectable page reference leak in MMUMACHPHYSUPDATE handling CVE-2014-9030. - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor CVE-2014-8867. - Missing privilege level checks in x86 emulation of far branches...
Xen DoS
Invalid page reference handling...
[SECURITY] [DSA 3140-1] xen security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3140-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...
Debian DSA-3140-1 : xen - security update
Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. - CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in...
[SECURITY] [DSA 3140-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3140-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3140-1 (xen - security update)
Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in...
Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)
Guest effectable page reference leak in MMUMACHPHYSUPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...
openSUSE Security Update : xen (openSUSE-SU-2013:1404-1)
XEN was updated to 4.2.2, fixing lots of bugs and several security issues. Various upstream patches were also merged into this version by our developers. Detailed buglist : - bnc824676 - Failed to setup devices for vm instance when start multiple vms simultaneously - bnc817799 - sles9sp4 guest...
Fedora 17 : xen-4.1.5-9.fc17 (2013-11871)
XSA-45/CVE-2013-1918 breaks page reference counting let pygrub handle set default='$nextentry' line in F19 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...
Fedora 18 : xen-4.2.2-10.fc18 (2013-11874)
XSA-45/CVE-2013-1918 breaks page reference counting let pygrub handle set default='$nextentry' line in F19 libxl: Set vfb and vkb devid if not done so by the caller Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Updated xen package fixes security issues
This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...
Page reference counting error due to XSA-45/CVE-2013-1918 fixes
ISSUE DESCRIPTION The XSA-45/CVE-2013-1918 patch making error handling paths preemptible broke page reference counting by not retaining a reference on pages stored for deferred cleanup. This would lead to the hypervisor prematurely attempting to free the page, generally crashing upon finding the...