204 matches found
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:2994-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2994-1 advisory. - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device...
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information
Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. "A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitiv...
PCI device pass-through with shared resources
ISSUE DESCRIPTION When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration canno...
Screen Refresh Issues Through a Seamless Pass-Through Session
The screen might not repaint properly because of a poor refresh rate. Therefore, certain areas of the application appear grayed out or distorted. This happens when running an application in seamless mode while utilizing the pass-through client on the server. Manually refreshing the application do...
Domain Pass-through to StoreFront Cannot Launch XenDesktop
...
Pass-through Authentication Might Fail Starting Publish Desktops with StoreFront and Desktop Viewer
Pass-through authentication to StoreFront does not work when starting XenApp published desktops. When users log on to the client workstation with Windows Active Directory AD credentials, the Receiver starts and successfully passes the user credentials to the configured Store and displays availabl...
UBUNTU-CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...
CVE-2024-25015
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278...
PT-2024-6879 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.5 Description: The issue is related to a path traversal vulnerability that allows a remote unauthenticated attacker to bypass authentication. This is due to incorrect restriction of the path name to a...
CVE-2024-26620 s390/vfio-ap: always filter entire AP matrix
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP configuration by filteri...
PT-2024-3785 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the vfio ap mdev filter matrix function in the Linux kernel, which is responsible for updating the guest's AP configuration by filtering the matrix of adapters...
kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback
AMD PTDMA Pass-Through DMA engine crashes the kernel when ptissuepending encounters empty descriptor queues. The function blindly invokes ptcmdcallback without verifying that a valid descriptor exists, triggering a NULL pointer dereference. This commonly surfaces during system shutdown on AMD...
SUSE CVE-2023-2861
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
CVE-2022-42333
x86/HVM pinned cache attributes mis-handling This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults...
K39604784: BIG-IP system incorrectly forwards VLAN-tagged frames with STP at Pass Through mode
Security Advisory Description The BIG-IP system incorrectly forwards VLAN-tagged frames, even if the VLAN is not defined on the ingress interface, when Spanning Tree Protocol STP is set to Pass Through mode. Note : The following BIG-IP platforms are not affected: BIG-IP 2000s/2200s BIG-IP...
SUSE CVE-2015-4105
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...
SUSE CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service host crash, obtain sensitive information, or possibly have other unspecified impact via unknown vectors...
SUSE CVE-2017-14431
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service ARM or x86 AMD host OS memory consumption by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207...
SUSE CVE-2019-18424
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...
SUSE CVE-2019-19577
An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number ...