2 matches found
UBUNTU-CVE-2019-18420
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...
PT-2019-4882 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions 4.6 through 4.12.x Description: The issue is related to incorrect error handling for a malformed format character in the hypercall initialise function of the Xen hypervisor. This can be exploited by a remote attacker to cause a...