9 matches found
UBUNTU-CVE-2024-50173
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tickctxcleanup The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated listhead, not a valid group. Get the ptdev...
SUSE CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service host crash, obtain sensitive information, or possibly have other unspecified impact via unknown vectors...
SUSE CVE-2017-14431
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...
DEBIAN-CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...
DEBIAN-CVE-2019-18424
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...
UBUNTU-CVE-2019-18424
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...
Fedora 29 : xen (2019-3e89502cb1)
xen: various flaws 1685577 grant table transfer issues on large hosts XSA-284 race with pass-through device hotplug XSA-285 x86: stealpage violates pagestruct access discipline XSA-287 x86: Inconsistent PV IOMMU discipline XSA-288 missing preemption in x86 PV page table unvalidation XSA-290 x86/P...
DEBIAN-CVE-2017-14431
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...
UBUNTU-CVE-2017-14431
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...