EUVD-2017-4390

Malware in sbrugna...

EUVD-2016-3354

Malware in sbrugna...

SUSE-SU-2024:1259-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls XSA-454 in xen x86 bsc1221984 - CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations XSA-455 in xen x86 bsc1222302 - CVE-2024-2201: Fixed memory...

SUSE CVE-2013-4553

The XENDOMCTLgetmemlist hypercall in Xen 3.4.x through 4.3.x possibly 4.3.1 does not always obtain the pagealloclock and mmrwlock in the same order, which allows local guest administrators to cause a denial of service host deadlock...

SUSE CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

SUSE CVE-2018-18883

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service NULL pointer dereference or possibly have unspecified other impact because nested VT-x is not properly restricted...

Xenstore: Guests can create arbitrary number of nodes via transactions

ISSUE DESCRIPTION In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been...

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen. The...

SUSE-SU-2020:3414-1 Security update for xen

This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 bsc1178591. Non-security issues fixed: - Updated to Xen 4.12.4 bug fix release bsc1027519. - Fixed a panic during MSI cleanup on AMD...

SUSE-SU-2020:3412-1 Security update for xen

This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 bsc1178591. Non-security issues fixed: - Updated to Xen 4.13.2 bug fix release bsc1027519. - Fixed a panic during MSI cleanup on AMD...

CVE-2020-27673

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate of events to dom0, aka CID-e99502f76271...

OPENSUSE-SU-2020:0818-1 Security update for xen

This update for xen to version 4.12.3 fixes the following issues: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling...

SUSE-SU-2020:1609-1 Security update for xen

This update for xen to version 4.12.3 fixes the following issues: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling...

SUSE-SU-2020:1139-1 Security update for xen

This update for xen to version 4.12.2 fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in...

SUSE-SU-2019:2753-1 Security update for xen

This update for xen to version 4.11.2 fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service bsc1149813. - CVE-2019-12068: Fixed an issue in lsi which could lead to a...

SUSE-SU-2017:3178-1 Security update for xen

This update for xen to version 4.7.4 bsc1027519 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 - bsc1068191...

Xen has an unspecified vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

Xen 64bit PV Guest - pagetable use-after-type-change Breakout

Xen 64bit PV Guest - pagetable use-after-type-change Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1231 This is a bug in Xen that permits an attacker with control over the kernel of a 64bit X86 PV guest to write arbitrary entries into a live top-level pagetable. To...

SUSE-SU-2017:0983-1 Security update for xen

This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memoryexchange permited PV guest breakout bsc1030442. - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or...

SUSE-SU-2016:2093-1 Security update for xen

This update for xen to version 4.5.3 fixes the several issues. These security issues were fixed: - CVE-2016-6258: Potential privilege escalation in PV guests XSA-182 bsc988675. - CVE-2016-6259: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183 bsc988676. - CVE-2016-5337: The...