Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000962 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002731 advisory. Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002155 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

UBUNTU-CVE-2025-40184

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...

Linux Distros Unpatched Vulnerability : CVE-2019-18420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall...

Linux Distros Unpatched Vulnerability : CVE-2018-12893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions...

SUSE CVE-2015-7835

The modl2entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping...

SUSE CVE-2020-25599

An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset by itself covered by XSA-77 can lead to the violation of various internal assumptions. This may lead to out of bounds memory accesses ...

UBUNTU-CVE-2019-18421

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...

PT-2019-5143 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.12 Description: The issue allows x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux. This is related to an...

Xen Denial of Service Vulnerability (CNVD-2018-04652)

Xen is an open source virtual machine monitor developed by the Xen Project. A denial of service vulnerability exists in 4.10.x and earlier versions of Xen. x86 PV guest OS users can exploit this vulnerability to cause a denial of service host OS CPU hang via a non-preemptive L3/L4 page table...

DEBIAN-CVE-2017-17566

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service host OS crash or gain host OS privileges in shadow mode by mapping a certain auxiliary page...

ALPINE-CVE-2017-15595

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service unbounded recursion, stack consumption, and hypervisor crash or possibly gain privileges via crafted page-table stacking...

DEBIAN-CVE-2017-15593

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service memory leak because reference counts are mishandled...

CVE-2013-0190

The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service guest crash by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...

kernel: xen: x86_64: fix error checking in arch_set_info_guest()

Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service host crash by specifying user mode execution without user-mode pagetables...