Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.61%
  • Veröffentlicht 09.06.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 05:56:04

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result...

  • EPSS 0.42%
  • Veröffentlicht 05.03.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:59:01

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest...

  • EPSS 0.36%
  • Veröffentlicht 18.02.2021 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:57:52

An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush...

  • EPSS 0.33%
  • Veröffentlicht 17.02.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:04

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory ...

  • EPSS 0.42%
  • Veröffentlicht 26.01.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:15

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and en...

  • EPSS 0.31%
  • Veröffentlicht 15.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:24:04

An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created...

  • EPSS 0.35%
  • Veröffentlicht 15.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:24:04

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid wil...

  • EPSS 0.39%
  • Veröffentlicht 15.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:24:04

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must acce...

  • EPSS 0.37%
  • Veröffentlicht 15.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:24:05

An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by ...

  • EPSS 0.39%
  • Veröffentlicht 15.12.2020 18:15:15
  • Zuletzt bearbeitet 21.11.2024 05:24:05

An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that wa...