EUVD-2010-0466

Malware in sbrugna...

EUVD-2018-10594

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-18883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer...

SUSE: Security Advisory (SUSE-SU-2018:4070-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HyperDbg - The Source Code Of HyperDbg Debugger

HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging...

x86: Race condition in Xen mapping code

ISSUE DESCRIPTION The Xen code handling the updating of the hypervisor's own pagetables tries to use 2MiB and 1GiB superpages as much as possible to maximize TLB efficiency. Some of the operations for checking and coalescing superpages take non-negligible amount of time; to avoid potential lock...

Barbervisor: Journey developing a snapshot fuzzer with Intel VT-x

By Cory Duplantis. One of the ways vulnerability researchers find bugs is with fuzzing. At a high level, fuzzing is the process of generating and mutating random inputs for a given target to crash it. In 2017, I started developing a bare metal hypervisor for the purposes of snapshot fuzzing:...

Denial Of Service (DoS)

kvm is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found when the host system had a processor with the Intel VT-x extension enabled. A privileged guest user could use this flaw to trick the host into emulating a certain instruction...

openSUSE Security Update : xen (openSUSE-2019-1046) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:0003-1)

This update for xen fixes the following issues : Update to Xen 4.11.1 bug fix release bsc1027519 CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the...

openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

Security update for xen (important)

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsidomsgin bsc1114423. - CVE-2018-18883: Fixed a NULL pointer dereference that...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:4070-1)

This update for xen fixes the following issues : Security issues fixed : CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsidomsgin bsc1114423. CVE-2018-18883: Fixed a NULL pointer dereference that...

Fedora 27 : xen (2018-f20a0cead5)

x86: Nested VT-x usable even when disabled XSA-278 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

Xen Project Nested VT-x Instruction Guest-to-Host DoS (XSA-278)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a guest-to-host denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or...