Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.28 views

Oracle Linux 5 : ELSA-2012-1540-1: / kernel (ELSA-2012-15401)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-15401 advisory. - The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows...

6.9AI score0.0285EPSS
Exploits4References7
Prion
Prion
added 2015/10/30 3:59 p.m.16 views

Design/Logic Flaw

The p2mpodemergencysweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service CPU consumption and possibly reboot via crafted memory contents that triggers a "time-consuming linear scan,"...

4.9CVSS6.7AI score0.00436EPSS
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2015/10/30 3:59 p.m.3 views

CVE-2015-7972

The 1 libxlsetmemorytarget function in tools/libxl/libxl.c and 2 libxlbuildpost function in tools/libxl/libxldom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand PoD system, which allows local HVM guest users to cause a denial of service...

2.1CVSS5.5AI score0.00426EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2015/10/30 9:33 a.m.22 views

CVE-2015-0777

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

2.1CVSS6.7AI score0.00413EPSS
Exploits0References2
Xen Project
Xen Project
added 2015/10/29 11:59 a.m.56 views

x86: Uncontrolled creation of large page mappings by PV guests

ISSUE DESCRIPTION The code to validate level 2 page table entries is bypassed when certain conditions are satisfied. This means that a PV guest can create writeable mappings using super page mappings. Such writeable mappings can violate Xen intended invariants for pages which Xen is supposed to...

7.2CVSS7.7AI score0.00427EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2015/10/29 11:59 a.m.75 views

x86: Long latency populate-on-demand operation is not preemptible

ISSUE DESCRIPTION When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its memory...

4.9CVSS7.1AI score0.00436EPSS
Exploits0Affected Software1
Prion
Prion
added 2015/04/05 9:59 p.m.22 views

Design/Logic Flaw

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

2.1CVSS5.9AI score0.00413EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2015/04/05 9:59 p.m.32 views

CVE-2015-0777

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

2.1CVSS5AI score0.00413EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2015/04/05 9:59 p.m.20 views

CVE-2015-0777

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

2.1CVSS6.8AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2015/04/05 9:0 p.m.111 views

CVE-2015-0777

CVE-2015-0777 affects Linux Xen patches (linux-2.6.18-xen-3.4.0) used on Linux kernels 2.6.x/3.x. The vulnerability lets a guest OS read from uninitialized host kernel memory via unspecified vectors. Connected advisories note an incomplete fix for this CVE; remediation requires applying updated k...

2.1CVSS4.7AI score0.00413EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2015/04/05 9:0 p.m.31 views

CVE-2015-0777

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

4.6AI score0.00413EPSS
Exploits0References6
Prion
Prion
added 2013/12/24 7:55 p.m.26 views

Design/Logic Flaw

The XENDOMCTLgetmemlist hypercall in Xen 3.4.x through 4.3.x possibly 4.3.1 does not always obtain the pagealloclock and mmrwlock in the same order, which allows local guest administrators to cause a denial of service host deadlock...

5.2CVSS6.6AI score0.00565EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2012/12/13 11:53 a.m.26 views

CVE-2012-6333

Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service physical CPU consumption via a large input...

4.7CVSS6.1AI score0.00395EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2012/12/13 11:53 a.m.36 views

CVE-2012-5511

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service crash via a large bitmap image...

4.7CVSS7.4AI score0.00435EPSS
Exploits0References3
Prion
Prion
added 2012/12/03 9:55 p.m.29 views

Design/Logic Flaw

Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service guest crash by later...

1.9CVSS6.9AI score0.00397EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2010/06/16 8:30 p.m.25 views

Design/Logic Flaw

arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742...

4.9CVSS6.2AI score0.00391EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder