Lucene search
K

4 matches found

AlpineLinux
AlpineLinux
added 2026/05/19 12:49 p.m.18 views

CVE-2026-23558

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status pages via XENMEMaddtophysmap. Some of the status pages may then be freed while...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References3
OSV
OSV
added 2022/02/04 8:30 a.m.9 views

OPENSUSE-SU-2022:0333-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-23033: Fixed guestphysmapremovepage not removing the p2m mappings. XSA-393 bsc1194576 - CVE-2022-23034: Fixed possible DoS by a PV guest Xen while unmapping a grant. XSA-394 bsc1194581 - CVE-2022-23035: Fixed insufficient cleanup of...

7.8CVSS5.5AI score0.00352EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2022/01/25 2:35 p.m.27 views

CVE-2022-23033

arm: guestphysmapremovepage not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm p2mremovemapping, guestphysmapremovepage, and p2msetentry with mfn set to INVALIDMFN do not actually clear the pagetable entry if the entry doesn't have the vali...

7.8CVSS0.7AI score0.0034EPSS
Exploits0References3
GoogleProjectZero
GoogleProjectZero
added 2020/07/31 12:0 a.m.31 views

The core of Apple is PPL: Breaking the XNU kernel's kernel

Posted by Brandon Azad, Project Zero While doing research for the one-byte exploit technique, I considered several ways it might be possible to bypass Apple's Page Protection Layer PPL using just a physical address mapping primitive, that is, before obtaining kernel read/write or defeating PAC...

6.9AI score
Exploits0
Rows per page
Query Builder