12 matches found
Astra Linux - уязвимость в linux
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004077)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004077 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the...
Possible deadlock in Linux kernel event handling
ISSUE DESCRIPTION Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen, whic...
PT-2022-5558 · Linux +5 · Linux +5
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Xen affected versions not specified Description: The issue is related to errors in resource release and a potential Denial of Service DoS in dom0 caused by Arm guests via PV devices. When mapping pages of...
Linux 竞争条件问题漏洞
Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...
Linux 竞争条件问题漏洞
Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...
An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device aka CID-073d0552ead5.
...
CVE-2020-27675
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...
CVE-2020-27675
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...
DEBIAN-CVE-2020-27675
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...
CVE-2020-27675
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...