18 matches found
CVE-2026-42487
CVE-2026-42487 concerns the Xen hypervisor’s handling of x86 HVM I/O port list traversal. The root cause stated in the sources is that traversal of the linked list used for guest I/O port accesses requires synchronization with updates to the translation/mapping (XEN_DOMCTL_ioport_mapping), but th...
EUVD-2012-6188
Malware in sbrugna...
CLSA-2025-1751551161 Update of grub2
Improve Xen detection so we don't set GRUB_ENABLE_BLSCFG=false for HVM domU guests - Debrand for Cloudlinux...
Linux Distros Unpatched Vulnerability : CVE-2022-49101
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xen: delay xen_hvm_init_time_ops if kdump is boot on vcpu>=32 The sched_clock can be used very ear...
CVE-2022-49101
...
SUSE CVE-2023-46840
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...
AZL-8965 CVE-2021-4095 affecting package kernel for versions less than 5.15.37.1-2
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This fl...
Debian DLA-2560-1 : qemu security update
Several vulnerabilities were discovered in QEMU, a fast processor emulator notably used in KVM and Xen HVM virtualization. An attacker could trigger a denial of service (DoS), information leak, and possibly execute arbitrary code with the privileges of the QEMU process on the host. CVE-2020-15469 A...
CVE-2021-3308
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...
SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1538-1)
This update for qemu fixes the following issues: Security issues fixed: CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code (bsc#1166240). CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). CVE-2020-1983: Fixed a use-after-free in the ip_reass...
Debian DLA-1927-1 : qemu security update
Several vulnerabilities were found in QEMU, a fast processor emulator notably used in KVM and Xen HVM virtualization. CVE-2016-5126 Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or...
Security update for libvirt (important)
This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...
SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0920-1) (Spectre)
This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...
DEBIAN-CVE-2014-7188
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors...
CVE-2014-7155
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4)...
Fedora 20 : libvirt-1.1.3.5-2.fc20 (2014-6586)
Fix xen hvm VNC port bz 1094262 - CVE-2014-0179: Unsafe XML parsing bz 1094792, bz 1088290 - Fix failure to start xen instances rackspace in particular bz 1098376 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
The United States VPS management system SolusVM 1.13.03 SQL injection vulnerability with exp-a vulnerability warning-the black bar safety net
SolusVM is a powerful graphical VPS management system that can manage three kinds of virtualization technology at once: OpenVZ, Xen paravirtualization and Xen HVM. Customers who set up a US VPS with this software will find it very safe and convenient. Poor...
CentOS Update for kernel CESA-2010:0936 centos4 i386
The remote host is missing an update for the...