CVE-2019-18420
https://notcve.org/view.php?id=CVE-2019-18420
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00037.html http://www.openwall.com/lists/oss-security/2019/10/31/1 http://xenbits.xen.org/xsa/advisory-296.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BQKX7M2RHCWDBKNPX4KEBI3MJIH6AYZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUG • CWE-134: Use of Externally-Controlled Format String •
CVE-2019-17340
https://notcve.org/view.php?id=CVE-2019-17340
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled. Se detectó un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del sistema operativo invitado de x86, causar una denegación de servicio u alcanzar privilegios porque las peticiones de transferencia grant-table son manejadas inapropiadamente. • http://www.openwall.com/lists/oss-security/2019/10/25/1 http://xenbits.xen.org/xsa/advisory-284.html https://seclists.org/bugtraq/2020/Jan/21 https://www.debian.org/security/2020/dsa-4602 https://xenbits.xen.org/xsa/advisory-284.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-17341
https://notcve.org/view.php?id=CVE-2019-17341
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device. Se detectó un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del sistema operativo invitado PV de x86, causar una denegación de servicio u alcanzar privilegios mediante el aprovechamiento de una condición de carrera de escritura de página durante la adición de un dispositivo PCI transferido. • http://www.openwall.com/lists/oss-security/2019/10/25/6 http://xenbits.xen.org/xsa/advisory-285.html https://seclists.org/bugtraq/2020/Jan/21 https://www.debian.org/security/2020/dsa-4602 https://xenbits.xen.org/xsa/advisory-285.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2019-17342
https://notcve.org/view.php?id=CVE-2019-17342
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced. Se detectó un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del sistema operativo invitado PV de x86, causar una denegación de servicio u alcanzar privilegios mediante el aprovechamiento de una condición de carrera que surgió cuando se introdujo XENMEM_exchange. • http://www.openwall.com/lists/oss-security/2019/10/25/2 http://xenbits.xen.org/xsa/advisory-287.html https://seclists.org/bugtraq/2020/Jan/21 https://www.debian.org/security/2020/dsa-4602 https://xenbits.xen.org/xsa/advisory-287.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2019-17343
https://notcve.org/view.php?id=CVE-2019-17343
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains. Se detectó un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del sistema operativo invitado PV de x86, causar una denegación de servicio u alcanzar privilegios mediante el aprovechamiento del uso incorrecto del concepto physmap de HVM para dominios PV. • http://www.openwall.com/lists/oss-security/2019/10/25/10 http://xenbits.xen.org/xsa/advisory-288.html https://seclists.org/bugtraq/2020/Jan/21 https://www.debian.org/security/2020/dsa-4602 https://xenbits.xen.org/xsa/advisory-288.html • CWE-667: Improper Locking •