Xen

Xen

483 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2022-33742

  • EPSS 0.03%
  • Veröffentlicht 05.07.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 07:08:26

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...

7.8

CVE-2022-33743

  • EPSS 0.03%
  • Veröffentlicht 05.07.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 07:08:27

network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.

5.5

CVE-2022-21166

  • EPSS 0.15%
  • Veröffentlicht 15.06.2022 21:15:09
  • Zuletzt bearbeitet 05.05.2025 17:17:41

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21123

  • EPSS 0.17%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21125

  • EPSS 0.2%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21127

  • EPSS 0.23%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

7.2

CVE-2022-26364

Exploit
  • EPSS 0.11%
  • Veröffentlicht 09.06.2022 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:53:50

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...

6.9

CVE-2022-26362

  • EPSS 0.05%
  • Veröffentlicht 09.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:49

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable...

7.2

CVE-2022-26363

  • EPSS 0.08%
  • Veröffentlicht 09.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:50

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...

5.6

CVE-2022-26356

  • EPSS 0.05%
  • Veröffentlicht 05.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:53:49

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed...