28 matches found
PT-2025-53127
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was identified and resolved in the x86/xen component of the Linux kernel within the xen init lock cpu function. Specifically, if the bind ipi to irqhandler function...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989449)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989449 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989540)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989540 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123...
CVE-2022-50495
CVE-2022-50495 is rejected/not used; this entry does not represent an active vulnerability.
PT-2025-40729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was identified and resolved in the Linux kernel’s x86/xen component within the xen smp intr init pv function. Specifically, local variables save newly allocated strin...
CVE-2022-49774
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvmxeneventfdassign Should not call eventfdctxput in case of error. Introduce new goto target instead. - Paolo...
CVE-2025-21818
...
CVE-2024-53241 x86/xen: don't do PV iret hypercall through hypercall page
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...
CVE-2024-53241
CVE-2024-53241 affects the Linux kernel when running with Xen PV guests. The root cause is an unsafe PV iret hypercall path via the Xen hypercall page. The fix replaces the hypercall-page jump with an inlined sequence in xen-asm.S to stop using the hypercall page, preparing for its removal due to...
SUSE CVE-2024-53241
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
RHEL 9 : kernel (RHSA-2024:5928)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5928 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables: nftsetrbtree skip en...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables: nftsetrbtree skip end interval element from gc CVE-2024-26581 kernel: netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 kernel: vfio/pci: Loc...
No title provided
REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : kernel (RHSA-2024:4823)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4823 advisory. kernel: vmwgfx: multiple flaws CVE-2022-36402, CVE-2022-40133, CVE-2022-38457, CVE-2023-5633 kernel: nftables: CVE-2024-26581 kernel: uio:...
UBUNTU-CVE-2021-4440
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...
CVE-2021-4440
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...
CVE-2021-4440
CVE-2021-4440 (Linux kernel) fixed by commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream: in x86/xen, the paravirt USERGS_SYSRET64 path was dropped and the exit from user space now uses the iret exit from the start instead of sysret, avoiding stack-mangling prerequisites in Xen PV guests. T...
CVE-2021-4440 x86/xen: Drop USERGS_SYSRET64 paravirt call
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...