Xen Denial of Service Vulnerability (XSA-304)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to an incorrect fix for CVE-2017-15595 which incorrectly drops some linearptentry counts. A local, attacker could exploit this issue, by making loops...

CVE-2019-19578

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...

openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

Xen Project XSA-240 Mitigation Shadow Paging Conflict Vulnerability (XSA-280)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability allowing a guest system to potentially elevate privileges, access protected information, and perform a DoS against the host. A number of caveats exist to determine if a...

Fix for XSA-240 conflicts with shadow paging

ISSUE DESCRIPTION The fix for XSA-240 introduced a new field into the control structure associated with each page of RAM. This field was added to a union, another member of which is used when Xen uses shadow paging for the guest. During migration, or with the L1TF XSA-273 mitigation for PV guests...

Fedora 27 : xen (2017-5945560816)

another patch related to the XSA-240, CVE-2017-15595 issue x86 PV guests may gain access to internally used page XSA-248 broken x86 shadow mode refcount overflow check XSA-249 improper x86 shadow mode refcount error handling XSA-250 improper bug check in x86 log-dirty handling XSA-251 Note that...

Fedora 26 : xen (2017-16a414b3c5)

another patch related to the XSA-240, CVE-2017-15595 issue xen: various flaws 1525018 x86 PV guests may gain access to internally used page XSA-248 broken x86 shadow mode refcount overflow check XSA-249 improper x86 shadow mode refcount error handling XSA-250 improper bug check in x86 log-dirty...

Fedora 26 : xen (2017-5bcddc1984)

xen: various flaws 1501391 multiple MSI mapping issues on x86 XSA-237 DMOP map/unmap missing argument checks XSA-238 hypervisor stack leak in x86 I/O intercept code XSA-239 Unlimited recursion in linear pagetable de-typing XSA-240 Stale TLB entry due to page type release race XSA-241 page type...

Xen Hypervisor Pagetable De-typing Recursion Handling Guest-to-Host DoS (XSA-240)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a stack overflow vulnerability that is triggered when recursion is not properly handled when de-typing linear pagetables. By stacking multiple layers of page tables, an attacker within a...