Lucene search
K

7 matches found

exploitpack
exploitpack
added 2017/04/11 12:0 a.m.45 views

Xen - Broken Check in memory_exchange() Permits PV Guest Breakout

Xen - Broken Check in memoryexchange Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...

6.9CVSS0.00406EPSS
Exploits4
FreeBSD
FreeBSD
added 2017/04/04 12:0 a.m.32 views

xen-kernel -- broken check in memory_exchange() permits PV guest breakout

The Xen Project reports: The XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing fo...

8.2CVSS2.2AI score0.01569EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.43 views

SUSE SLED10 / SLES10 Security Update : Xen (SUSE-SU-2012:1606-1)

This update fixes the following security issues in xen : - CVE-2012-5513: XENMEMexchange may overwrite hypervisor memory XSA-29 - CVE-2012-5515: Several memory hypercall operations allow invalid extent order values XSA-31 Also the following bugs have been fixed and upstream patches have been...

6.9CVSS7.7AI score0.00411EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.39 views

OracleVM 2.2 : xen (OVMSA-2012-0058)

The remote OracleVM system is missing necessary patches to address critical security updates : XSA-27: hvm: Limit the size of large HVM op batches orabug 15907978 CVE-2012-5511 XSA-29: add missing guest address range checks to XENMEMexchange handlers orabug 15907996 CVE-2012-5513 XSA-30: xen: fix...

6.9CVSS7.8AI score0.00435EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2013/03/11 12:0 a.m.45 views

openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS8AI score0.00443EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2012/12/17 12:0 a.m.72 views

Fedora 16 : xen-4.1.3-6.fc16 (2012-19828)

A guest can cause xen to crash XSA-26, CVE-2012-5510 883082 An HVM guest can cause xen to run slowly or crash XSA-27, CVE-2012-5511 883084 An HVM guest can cause xen to crash or leak information XSA-28, CVE-2012-5512 883085 A PV guest can cause xen to crash and might be able escalate privileges...

6.9CVSS7.7AI score0.00435EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2012/12/13 12:0 a.m.48 views

Fedora 17 : xen-4.1.3-7.fc17 (2012-19717)

A guest can cause xen to crash XSA-26, CVE-2012-5510 883082 An HVM guest can cause xen to run slowly or crash XSA-27, CVE-2012-5511 883084 An HVM guest can cause xen to crash or leak information XSA-28, CVE-2012-5512 883085 A PV guest can cause xen to crash and might be able escalate privileges...

6.9CVSS7.7AI score0.00435EPSS
Exploits4References13
Rows per page
Query Builder