CVE-2022-33747
- EPSS 0.26%
- Veröffentlicht 11.10.2022 13:15:10
- Zuletzt bearbeitet 21.11.2024 07:08:27
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal oper...
CVE-2022-33748
- EPSS 0.25%
- Veröffentlicht 11.10.2022 13:15:10
- Zuletzt bearbeitet 21.11.2024 07:08:27
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each...
CVE-2022-33745
- EPSS 0.29%
- Veröffentlicht 26.07.2022 13:15:10
- Zuletzt bearbeitet 21.11.2024 07:08:27
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code ...
CVE-2022-29900
- EPSS 3.76%
- Veröffentlicht 12.07.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:55
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901
- EPSS 4.95%
- Veröffentlicht 12.07.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:56
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve ...
CVE-2022-26365
- EPSS 0.32%
- Veröffentlicht 05.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:53:50
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-33740
- EPSS 0.32%
- Veröffentlicht 05.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 07:08:26
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-33741
- EPSS 0.32%
- Veröffentlicht 05.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 07:08:26
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-33742
- EPSS 0.33%
- Veröffentlicht 05.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 07:08:26
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-33743
- EPSS 0.35%
- Veröffentlicht 05.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 07:08:27
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.