Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.89%
  • Veröffentlicht 05.01.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:30

Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing...

  • EPSS 0.29%
  • Veröffentlicht 05.01.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:30

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used b...

  • EPSS 0.29%
  • Veröffentlicht 05.01.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:31

The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed...

  • EPSS 0.26%
  • Veröffentlicht 05.01.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:31

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions....

  • EPSS 0.26%
  • Veröffentlicht 05.01.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:31

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions....

  • EPSS 0.22%
  • Veröffentlicht 08.12.2023 21:15:07
  • Zuletzt bearbeitet 04.11.2025 20:16:30

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read...

  • EPSS 0.24%
  • Veröffentlicht 10.11.2023 17:15:07
  • Zuletzt bearbeitet 21.11.2024 08:36:19

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

  • EPSS 0.3%
  • Veröffentlicht 22.09.2023 14:15:45
  • Zuletzt bearbeitet 04.11.2025 20:16:29

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of ...

Exploit
  • EPSS 3.88%
  • Veröffentlicht 11.08.2023 03:15:14
  • Zuletzt bearbeitet 21.11.2024 07:22:21

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • EPSS 12.41%
  • Veröffentlicht 08.08.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:41:10

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.