197 matches found
CVE-2023-34322 top-level shadow reference dropped too early for 64-bit PV guests
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
CVE-2023-34322 top-level shadow reference dropped too early for 64-bit PV guests
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
CVE-2023-34322
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
Fedora 37 : xen (2023-948136565a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-948136565a advisory. arm32: The cache may not be properly cleaned/invalidated XSA-437, CVE-2023-34321 top-level shadow reference dropped too early for 64-bit PV guests...
SUSE SLES15 Security Update : xen (SUSE-SU-2023:3902-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3902-1 advisory. - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed...
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2023:3895-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3895-1 advisory. - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:3832-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3832-1 advisory. - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439...
SUSE CVE-2023-34322
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
top-level shadow reference dropped too early for 64-bit PV guests
ISSUE DESCRIPTION For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2023:2535-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2535-1 advisory. Security fixes: - CVE-2022-42336: Fix an issue where guests configuring AMD Speculative Store...
AlmaLinux 8 : kernel (ALSA-2023:2951)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2951 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...
RHEL 8 : kernel (RHSA-2023:2951)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2951 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later...
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...
RHEL 9 : kernel-rt (RHSA-2023:2148)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2148 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
SUSE CVE-2022-42335
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...
Fedora 38 : xen (2023-d28433ead1)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d28433ead1 advisory. x86 shadow paging arbitrary pointer dereference XSA-430, CVE-2022-42335 Tenable has extracted the preceding description block directly from the Fedora securi...
CVE-2022-42335
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...