Lucene search
K

226 matches found

Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.6 views

PT-2024-10469

Name of the Vulnerable Software and Affected Versions Xen affected versions not specified Description The issue is related to the construction of ACPI tables for PVH guests by the toolstack, which involves building the tables in local memory before copying them into guest memory. The excess space...

7.5CVSS7.9AI score0.17444EPSS
Exploits0References114
OSV
OSV
added 2024/07/22 2:57 p.m.9 views

CLSA-2024-1721660263 Fix of 96 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...

9.1CVSS6.7AI score0.01401EPSS
Exploits1References1
OSV
OSV
added 2024/06/25 3:15 p.m.2 views

DEBIAN-CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

8.8CVSS5.7AI score0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/25 12:0 a.m.3 views

PT-2024-11037 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the x86/xen paravirt call in the Linux kernel. Specifically, the USERGS SYSRET64 call is used to return from a syscall via SYSRET, but a Xen PV guest wi...

8.8CVSS6.8AI score0.00642EPSS
Exploits4References581
OSV
OSV
added 2024/04/10 2:15 p.m.8 views

DEBIAN-CVE-2024-26816

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the "startupxen" entry point. This information is used prior to booting th...

5.5CVSS5.6AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 2024/04/10 2:15 p.m.8 views

UBUNTU-CVE-2024-26816

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the "startupxen" entry point. This information is used prior to booting th...

5.5CVSS6.2AI score0.00307EPSS
Exploits0References32
OSV
OSV
added 2024/03/15 9:15 p.m.1 views

DEBIAN-CVE-2021-47112

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...

5.5CVSS5.7AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2024/03/15 9:15 p.m.6 views

UBUNTU-CVE-2021-47112

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...

5.5CVSS6.2AI score0.00237EPSS
Exploits0References7
OSV
OSV
added 2024/01/05 5:15 p.m.1 views

DEBIAN-CVE-2023-34322

For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...

7.8CVSS7.4AI score0.0023EPSS
Exploits0References1
OSV
OSV
added 2023/12/08 11:6 a.m.5 views

OESA-2023-1896 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used...

6.3CVSS6.5AI score0.00309EPSS
Exploits0References2
OSV
OSV
added 2023/03/23 8:15 p.m.5 views

UBUNTU-CVE-2023-1544

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

6.3CVSS6.7AI score0.00309EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/21 12:0 a.m.4 views

PT-2023-2365

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a...

6.3CVSS6.9AI score0.00309EPSS
Exploits0References99
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.1 views

SUSE CVE-2010-4255

The fixuppagefault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handlegdtldtmappingfault function, which allows guest OS users to cause a denial of service host OS BUGON via a...

6.1CVSS4.3AI score0.00761EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1166

Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service host crash by specifying user mode execution without user-mode pagetables...

5.5CVSS6.7AI score0.00667EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-1917

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service hypervisor crash by triggering a GP fault, which is not properly handled by another IRET instruction...

1.9CVSS6.5AI score0.00372EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8594

The dommuupdate function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service NULL pointer dereference by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...

5.4CVSS6.7AI score0.02221EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4164

The compatiret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service large loop and system hang via a hypercalliret call with EFLAGS.VM set...

4.9CVSS6.2AI score0.00437EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.7 views

SUSE CVE-2015-7835

The modl2entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping...

7.2CVSS6.9AI score0.00427EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.6 views

SUSE CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

7.8CVSS9.5AI score0.00421EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.5 views

SUSE CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

7.8CVSS9.2AI score0.0041EPSS
Exploits0References14
Rows per page
Query Builder