8 matches found
Design/Logic Flaw
The p2mpodemergencysweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service CPU consumption and possibly reboot via crafted memory contents that triggers a "time-consuming linear scan,"...
CVE-2015-0777
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...
CVE-2015-0777
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...
Design/Logic Flaw
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...
CVE-2015-0777
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...
CVE-2015-0777
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...
CVE-2015-0777
CVE-2015-0777 affects Linux Xen patches (linux-2.6.18-xen-3.4.0) used on Linux kernels 2.6.x/3.x. The vulnerability lets a guest OS read from uninitialized host kernel memory via unspecified vectors. Connected advisories note an incomplete fix for this CVE; remediation requires applying updated k...
Design/Logic Flaw
The XENDOMCTLgetmemlist hypercall in Xen 3.4.x through 4.3.x possibly 4.3.1 does not always obtain the pagealloclock and mmrwlock in the same order, which allows local guest administrators to cause a denial of service host deadlock...