21 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux - vulnerability in linux, linux-5.10

Rogue backends can cause Denial of Service (DoS) attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures (CVEs); the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

CVSS 6.5 · AI score 6.9 · EPSS 0.00132
Exploits 0 · References 2
EUVD
added 2026/04/30 10:31 a.m. · 2 views

EUVD-2026-26364

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildid_show will read and copy ti...

AI score 5.8 · EPSS 0.00006
Exploits 0 · References 7
Cvelist
added 2026/04/30 10:31 a.m. · 25 views

CVE-2026-31786 Buffer overflow in drivers/xen/sys-hypervisor.c

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildid_show will read and copy ti...

CVSS 7.8 · EPSS 0.00006
Exploits 0 · References 8
Tenable Nessus
added 2026/01/16 12:0 a.m. · 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001411 advisory. Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

CVSS 6.5 · AI score 6.6 · EPSS 0.00132
Exploits 0 · References 4
Tenable Nessus
added 2025/10/07 12:0 a.m. · 3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414633 advisory. Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

CVSS 6.5 · AI score 6.6 · EPSS 0.00132
Exploits 0 · References 3
Tenable Nessus
added 2025/03/04 12:0 a.m. · 9 views

Linux Distros Unpatched Vulnerability : CVE-2015-8551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit...

CVSS 6 · AI score 6.3 · EPSS 0.00073
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:43 a.m. · 1 views

SUSE CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.2 · AI score 7.3 · EPSS 0.0004
Exploits 0 · References 27
SUSE CVE
added 2023/02/15 3:43 a.m. · 1 views

SUSE CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.2 · AI score 7.4 · EPSS 0.00132
Exploits 0 · References 27
RedhatCVE
added 2023/01/04 4:3 p.m. · 39 views

CVE-2022-3643

A possible reset/abort/crash flaw was found in the Linux kernel’s XEN driver when sending certain kinds of packets. This flaw allows a local user to crash the system...

CVSS 5.5 · AI score 3 · EPSS 0.00185
Exploits 0 · References 4
RedhatCVE
added 2022/12/25 3:4 p.m. · 46 views

CVE-2022-42329

A possible deadlock flaw was found in the Linux kernel’s XEN driver in how some packets generated by a user dropped. This flaw allows a local user to crash the system...

CVSS 5.5 · AI score 2.8 · EPSS 0.00036
Exploits 0 · References 7
RedhatCVE
added 2022/12/25 3:4 p.m. · 60 views

CVE-2022-42328

A possible deadlock flaw was found in the Linux kernel’s XEN driver in how some packets generated by a user dropped. This flaw allows a local user to crash the system...

CVSS 5.5 · AI score 2.8 · EPSS 0.00031
Exploits 0 · References 7
OSV
added 2022/10/13 8:4 p.m. · 0 views

USN-5679-1 linux-aws-hwe vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0812) Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

CVSS 8.2 · AI score 6.7 · EPSS 0.00442
Exploits 1 · References 10
OSV
added 2022/01/05 5:15 p.m. · 0 views

UBUNTU-CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5 · AI score 6.7 · EPSS 0.00132
Exploits 0 · References 11
Mageia
added 2021/03/04 12:26 p.m. · 71 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory...

CVSS 7.8 · AI score 1 · EPSS 0.00185
Exploits 1 · References 5
OSV
added 2021/03/04 12:26 p.m. · 6 views

MGASA-2021-0100 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y,...

CVSS 7.8 · AI score 6.3 · EPSS 0.00185
Exploits 1 · References 8
Mageia
added 2021/03/04 12:26 p.m. · 80 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An...

CVSS 7.8 · AI score 1.1 · EPSS 0.00185
Exploits 1 · References 9
OSV
added 2021/02/17 1:15 a.m. · 6 views

CVE-2021-26930

An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later...

CVSS 7.8 · AI score 7.2
Exploits 0 · References 7
Positive Technologies
added 2021/02/15 12:0 a.m. · 9 views

PT-2021-3000 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.11 through 5.10.16 Description: The issue is related to errors in mapping grant references provided by the frontend in the Linux kernel's Xen driver. This can lead to the caller assuming successful mapping and attempti...

CVSS 9.8 · AI score 7.2 · EPSS 0.85239
Exploits 269 · References 1395
Tenable Nessus
added 2020/12/09 12:0 a.m. · 28 views

SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:3037-1)

This update for libvirt fixes the following issues : CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955). CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces (bsc#1177155). qemu: Adjust max memlock on mdev hotplug (bsc#1177480). Xen: Don't add dom0 twice...

CVSS 9.3 · AI score 7 · EPSS 0.00153
Exploits 0 · References 11
OSV
added 2017/10/31 9:20 a.m. · 1 views

USN-3468-3 linux-gcp vulnerabilities

It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2017-1000252) It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux...

CVSS 7.8 · AI score 6.9 · EPSS 0.20809
Exploits 8 · References 6