41 matches found
EUVD-2020-4083
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-11741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cau...
Linux Distros Unpatched Vulnerability : CVE-2020-11740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests...
SUSE CVE-2015-7971
Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted 1 HYPERCALLxenoprofop hypercalls, which are not properly handled in the doxenoprofop...
SUSE CVE-2020-11740
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...
SUSE CVE-2020-11741
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenopr...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:2234-1)
This update for xen fixes the following issues : bsc1174543 - secure boot related fixes bsc1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages bsc1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1168140 - CVE-2020-11740, CVE-2020-11741: Multiple...
SUSE-SU-2020:2234-1 Security update for xen
This update for xen fixes the following issues: - bsc1174543 - secure boot related fixes - bsc1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages - bsc1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy - bsc1168140 - CVE-2020-11740, CVE-2020-11741: Multipl...
Information Disclosure
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:1630-1)
This update for xen fixes the following issues : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling SRBDS or 'CrossTalk'...
openSUSE Security Update : xen (openSUSE-2020-599)
This update for xen fixes the following issues : Security issues fixed : - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...
Security update for xen (important)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0599-1 Rating: important References: 1027519 1134506 1155200 1157490 1160932 1165206 1167007 1167152 1168140 1168142 1168143 1169392 Cross-References: CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742...
Xen Information Disclosure Vulnerability (CNVD-2020-25870)
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in xenoprof ...
Xen has an unspecified vulnerability (CNVD-2020-32853)
Xen is an open source virtual machine monitor product. It enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in xenoprof in Xen 4.13.x and earlier versions. An attacke...
CVE-2020-11741
A flaw was found in Xenoprof in the Xen virtual machine through version 4.13.x, where it allows guest OS users, with active profiling, to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests with “active” profiling enabled by the...
CVE-2020-11740
A flaw was found in xenoprof in Xen through versions 4.13.x. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests to obtain sensitive information about other guests. The highest threat from this vulnerability is to data confidentiality...
CVE-2020-11741
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenopr...
CVE-2020-11740
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...
DEBIAN-CVE-2020-11740
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...
ALPINE-CVE-2020-11740
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not...