Lucene search
K

8 matches found

Xen Project
Xen Project
added 2023/10/10 12:0 p.m.58 views

x86/AMD: Debug Mask handling

ISSUE DESCRIPTION AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1 CVE-2023-34327 - An HVM vCPU can end up operating in the...

5.5CVSS6.6AI score0.00256EPSS
Exploits0Affected Software1
NVD
NVD
added 2021/01/26 8:15 p.m.22 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS5.7AI score0.00417EPSS
Exploits0References4
Prion
Prion
added 2021/01/26 8:15 p.m.27 views

Code injection

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

4.9CVSS5.5AI score0.00417EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2021/01/26 7:58 p.m.113 views

CVE-2021-3308

CVE-2021-3308 affects the Xen hypervisor (notably Xen 4.12.3–4.12.4 and 4.13.1–4.14.x). An x86 HVM guest with PCI passthrough can reboot with MSI/MSI-X enabled to exhaust all IDT vectors, leaking MSI(-X) entries and causing a DoS for PCI devices across guests or the host. The issue is triggered b...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/01/26 7:58 p.m.32 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS5.9AI score0.00417EPSS
Exploits0
CNVD
CNVD
added 2020/07/08 12:0 a.m.4 views

Xen Resource Management Error Vulnerability (CNVD-2020-51521)

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.13....

8.8CVSS9.1AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/04/14 8:33 p.m.35 views

CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

4.6CVSS2.2AI score0.00452EPSS
Exploits0References3
OSV
OSV
added 2020/04/14 1:15 p.m.25 views

CVE-2020-11739

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to...

7.8CVSS7.3AI score
Exploits0References9
Rows per page
Query Builder