10 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-18421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and...
SUSE CVE-2019-18421
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...
SUSE SLES11 Security Update : xen (SUSE-SU-2020:14444-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14444-1 advisory. - Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated...
CVE-2019-19580
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type...
CVE-2019-19580
Xen through 4.12.x contains a privilege-escalation vulnerability (CVE-2019-19580) affecting x86 PV guests due to race conditions in pagetable promotion/demotion after an incomplete fix for CVE-2019-18421 (XSA-299). The issue could allow a malicious PV guest administrator to escalate to host privi...
Xen Restartable PV Type Change Operations Elevation of Privilege Vulnerability (XSA-299)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an elevation of privilege vulnerability due to race conditions in the pagetable promotion and demotion operations. An authenticated, remote attacker can exploit this issue, by triggering...
ALPINE-CVE-2019-18421
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...
UBUNTU-CVE-2019-18421
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...
CVE-2019-18421
CVE-2019-18421 affects the Xen hypervisor on x86 PV guests. Root cause: restartable PV type changes with recursive pagetable promotions/demotions contain races that can lead to incorrect type counts, enabling a PV guest to gain host privileges. Impact: local privilege escalation to host OS on all...
PT-2019-4883 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions through 4.12.x Description: The issue is related to a flaw in restartable PV type change operations, which can be exploited by a remote attacker to gain access to confidential data, compromise its integrity, and cause a denial of...