11 matches found
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
Cross site request forgery (csrf)
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
UBUNTU-CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
CVE-2017-8904
CVE-2017-8904 : Xen up to 4.8.x is affected by a flaw in the handling of the “contains segment descriptors” property during GNTTABOP_transfer (guest transfer). The underlying issue is the mishandling in guest transfer operations, which could allow a PV guest OS user to execute arbitrary code on t...
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOPtransfer aka guest transfer operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
Debian DSA-3847-1 : xen - security update
Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks. In additional to the CVE identifiers listed above, this update also addresses the vulnerabilities announced ...
[SECURITY] [DSA 3847-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3847-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3847-1 (xen - security update)
Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks. In additional to the CVE identifiers listed above, this update also addresses the vulnerabilities announced ...