27 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-19964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitel...
x86/HVM pinned cache attributes mis-handling
ISSUE DESCRIPTION To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such...
SUSE CVE-2019-17347
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...
CVE-2021-27379
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service host OS crash or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct...
CVE-2020-25602
CVE-2020-25602 : Xen up to 4.14.x contains a vulnerability where an x86 PV guest accessing the MISC_ENABLE MSR (0x1a0) triggers a host crash due to missing #GP fault handling when reading this Intel-specific MSR. The vulnerability can crash the host Xen instance, enabling a local Denial of Servic...
UBUNTU-CVE-2019-17343
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains...
CVE-2019-17347
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...
Xen CVE-2019-17346 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Xen Xen version 4.11.x and prior are vulnerable. Technologies Affected Xen Xen 2.0 Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3.1 Xen Xen 3.1.3 Xen Xen...
CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
Xen Denial of Service Vulnerability (CNVD-2019-07946)
Xen is an open source virtual machine monitor developed by the Xen Project. Xen 4.11.x suffers from a denial of service vulnerability that stems from p2m locking being indefinitely unavailable under certain error conditions, which can be exploited by users of x86 client operating systems to cause...
Code injection
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
Design/Logic Flaw
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...
CVE-2018-19965
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service host OS crash because GP0 can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 aka Meltdown mitigation...
CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
CVE-2018-19964
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...
CVE-2018-19964
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...
CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service host OS crash or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
CVE-2018-19964
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...