24 matches found
EUVD-2020-18275
Malware in sbrugna...
EUVD-2018-2544
Malware in sbrugna...
EUVD-2020-20178
Malware in sbrugna...
EUVD-2018-11634
Malware in sbrugna...
EUVD-2019-7756
Malware in sbrugna...
EUVD-2019-9199
Malware in sbrugna...
CVE-2024-31143
An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...
CVE-2024-31143
An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...
CVE-2024-31143 double unlock in x86 guest IRQ handling
An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...
SUSE: Security Advisory (SUSE-SU-2024:2534-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:2533-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2533-1 advisory. - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86...
SUSE CVE-2017-15588
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...
SUSE CVE-2018-7542
An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service NULL pointer dereference and hypervisor crash by leveraging the mishandling of configurations that lack a Local APIC...
CVE-2020-27672
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages...
CVE-2019-19582
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...
CVE-2018-19964
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...
Denial of service
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...
CVE-2017-15590
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...
Code injection
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service host crash, or execute arbitrary code on the host by leveraging broken emulation of bit test instructions...
CVE-2016-9383
CVE-2016-9383 affects Xen when running on a 64‑bit hypervisor. The issue stems from broken emulation of bit test instructions, allowing a local x86 guest to modify arbitrary host memory and potentially obtain sensitive data, crash the host, or execute code on the host. Connected sources describe ...