EUVD-2020-18277

Malware in sbrugna...

DEBIAN-CVE-2024-35880

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...

SUSE CVE-2020-25598

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

XENMEM_aquire_resources Error Path DoS (XSA-334)

A denial of service DoS vulnerability exists in Xen servers XENMEMacquireresource due to an error path exiting without releasing an RCU Read, Copy, Update reference. An authenticated, local attacker can exploit this issue, via a malicious HVM stubdomain which can cause an RCU reference to be...

CVE-2020-25598

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

Design/Logic Flaw

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

CVE-2020-25598

A security flaw was found in Xen. This flaw allows a buggy or malicious HVM subdomain to cause an RCU reference to be leaked. This issue causes subsequent administration operations on the host to livelock, resulting in a denial of service DoS. The highest threat from this vulnerability is to syst...