ALPINE-CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

Design/Logic Flaw

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

UBUNTU-CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

CVE-2019-17343

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...

Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

Xen Denial of Service Vulnerability (CNVD-2017-32873)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

DEBIAN-CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

Design/Logic Flaw

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

UBUNTU-CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

ALPINE-CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

Fedora 26 : xen (2017-b8fa8e1a13)

full fix for XSA-226, replacing workaround drop conflict of xendomain and libvirtd as can cause problems 1398590 add-to-physmap error paths fail to release lock on ARM XSA-235 1484476 Qemu: audio: host memory leakage via capture buffer CVE-2017-8309 1446521 Qemu: input: host memory leakage via...

add-to-physmap error paths fail to release lock on ARM

ISSUE DESCRIPTION When dealing with the grant map space of add-to-physmap operations, ARM specific code recognizes a number of error conditions, but fails to release a lock being held on the respective exit paths. IMPACT A malicious guest administrator can cause a denial of service. Specifically,...

Debian DSA-2582-1 : xen - several vulnerabilities

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25and 28 are not fixed by this update and should be fixed in...