937 matches found
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel versions 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur during batch hypercalls, where multiple operations are performed in a single hypercall. The success or failure of each operation is reported to the backend driver, and the...
Astra Linux – Vulnerability in Linux 5.10, Linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix for suspending with Xen PV The commit f1e525009493 “x86/boot: Skip realmode init code when running as Xen PV guest” missed one code path that accessed the realmodeheader. This led to a situation where a NULL pointer was...
MINI-W46X-6PV2-5WR8
Bulletin has no description...
MINI-CGQQ-47MW-5PV2
Bulletin has no description...
UBUNTU-CVE-2026-9516
Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...
CVE-2026-9516
Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...
Astra Linux - уязвимость в linux-5.10, linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel through version 5.10.1, as used with Xen up to version 4.14.x. The Linux kernel’s PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when the thread is stopped. However, the handler may not have enough time to execute if the...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel versions 2.6.39 through 5.10.16, as used in Xen. The block, net, and SCSI backends consider certain errors as ordinary bugs, which are deliberately designed to cause kernel crashes. For errors that may be influenced by guests such as memory exhaustion...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel versions 3.11 through 5.10.16, as used by Xen. When serving requests to the PV backend, the driver maps grant references provided by the frontend. During this process, errors may occur. In one case, an error encountered earlier might be discarded by late...
Astra Linux – Vulnerability in Linux 5.10, Linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
Astra Linux – Vulnerability in Linux 5.10, Linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
SUSE CVE-2026-5299
ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: kubernetes, aws-node-termination-handler, postgres-operator, verticadb-operator-fips, emissary, cloudbeat, teleport-operator-fips, percona-server-mongodb-operator-fips, argo-rollouts-fips, sonobuoy-fips, zarf, zarf-fips, gpu-operator-fips, argo-cd-fips,...
MiracleLinux 3 : xen-3.0.3-142.1.0.1.AXS3 (AXSA:2013-127:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-127:02 advisory. This package contains the Xen tools and management daemons needed to run virtual machines on x86, x8664, and ia64 systems. Information on how to use Xen can b...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001425)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001425 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004308)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004308 advisory. An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions o...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001536 advisory. An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001411 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...