7 matches found
OracleVM 3.4 : xen (OVMSA-2022-0012)
The remote OracleVM system is missing necessary patches to address security updates: - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dir...
SUSE SLES12 Security Update : xen (SUSE-SU-2022:1505-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1505-1 advisory. - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by...
SUSE SLES12: xen / xen-doc-html / xen-libs / xen-libs-32bit / xen-tools / etc (SUSE-SU-2022:1408-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1408-1 advisory. - CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host...
CVE-2022-26356
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...
Memory corruption
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...
CVE-2022-26356
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...
CVE-2022-26356
CVE-2022-26356 describes a race in Xen between log-dirty tracking and log-dirty hypercalls. Activation of log-dirty via XEN_DMOP_track_dirty_vram can race with tearing down structures from a prior log-dirty mode, causing entries to be written into freed slots and resulting in a memory leak. Vulne...