USN-7506-4: Linux kernel (Xenial HWE) vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

USN-7506-1: Linux kernel vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

USN-7428-2: Linux kernel (FIPS) vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

USN-7428-1: Linux kernel vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7428-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7428-1 advisory. Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict t...

SUSE CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

Ubuntu: Security Advisory (USN-5418-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2016-10024

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service host hang or crash by modifying the instruction stream asynchronously while performing certain kernel operations...

Xen Denial of Service Vulnerability (CNVD-2016-11700)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A denial-of-service vulnerability...