Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-1919

Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."...

4.7CVSS6.6AI score0.00372EPSS
Exploits0References8
OSV
OSV
added 2020/09/23 10:15 p.m.4 views

ALPINE-CVE-2020-25598

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

5.5CVSS6.7AI score0.00416EPSS
Exploits0References1
Xen Project
Xen Project
added 2018/05/08 5:0 p.m.508 views

qemu may drive Xen into unbounded loop

ISSUE DESCRIPTION When Xen sends requests to a device model, the next expected action inside Xen is tracked using a state field. The requests themselves are placed in a memory page shared with the device model, so that the device model can communicate to Xen its progress on the request. The state...

6.5CVSS0.8AI score0.00442EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2016/12/06 12:0 p.m.54 views

qemu ioport array overflow

ISSUE DESCRIPTION The code in qemu which implements ioport read/write looks up the specified ioport address in a dispatch table. The argument to the dispatch function is a uint32t, and is used without a range check, even though the table has entries for only 2^16 ioports. When qemu is used as a...

7.5CVSS0.00364EPSS
Exploits0
Xen Project
Xen Project
added 2014/11/20 4:26 p.m.56 views

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling

ISSUE DESCRIPTION An error handling path in the processing of MMUMACHPHYSUPDATE failed to drop a page reference which was acquired in an earlier processing step. IMPACT Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack...

7.1CVSS6.2AI score0.02197EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2013/04/18 12:0 p.m.73 views

Several access permission issues with IRQs for unprivileged guests

ISSUE DESCRIPTION Various IRQ related access control operations may not have the intended effect, thus potentially permitting a stub domain to grant its client domain access to an IRQ it doesn't have access to itself. IMPACT Malicious or buggy stub domains kernels can mount a denial of service...

4.7CVSS2.3AI score0.00372EPSS
Exploits0
Rows per page
Query Builder