SUSE CVE-2026-45890

In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...

CVE-2026-45890

A flaw was found in the Linux kernel's xen-netback component. A malicious or buggy Xen guest can exploit this by writing a zero value to the 'multi-queue-num-queues' xenbus key. This improper input validation can trigger a warning in the kernel's memory allocation, leading to a guest-to-host Deni...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track the lifetime of requests. Marek reported seeing a NULL pointer fault in the xenbusthread call stack: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000000 RIP:...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021627 advisory. In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbusdevprobe This patch fixes an...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

ROS-20260203-73-0027

A vulnerability in the xenbus components of the Linux operating system kernel is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001681 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001708)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001708 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001713 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...

Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23039)

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53198)

xen: issue of resource not being properly released in xenbusdevprobe. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504533; scriptversion"1.2";...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990356)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990356 advisory. In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbusdevprobe This patch fixes an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990025 advisory. In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbusdevprobe This patch fixes an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414458 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414453)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414453 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...