2 matches found
CVE-2020-29481
CVE-2020-29481 affects Xen up to 4.14.x. The issue: Xenstore node access rights are per domid and are not removed when a domain is destroyed, so a newly created domain with the same domid can inherit the previous domain’s Xenstore permissions. This potentially allows a newly created guest to read...
UBUNTU-CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...