CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28704 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28704
24 Nov 2021 — PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). The i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28707 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28707
24 Nov 2021 — PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). The i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28709 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28709
24 Nov 2021 — issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 numbe... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28708 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28708
24 Nov 2021 — PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). The i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28706 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28706
24 Nov 2021 — guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound. Los huéspedes pueden exceder su límite de memoria designado Cuando a un huésped se le perm... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-28697 – Gentoo Linux Security Advisory 202208-23
https://notcve.org/view.php?id=CVE-2021-28697
27 Aug 2021 — grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing requests from... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28689
https://notcve.org/view.php?id=CVE-2021-28689
11 Jun 2021 — x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware ... • https://xenbits.xenproject.org/xsa/advisory-370.txt • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27379 – Debian Security Advisory 4888-1
https://notcve.org/view.php?id=CVE-2021-27379
18 Feb 2021 — An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565. Se detectó un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del Sistema Operativo invitado x86 Intel HVM obtener acceso DM... • http://www.openwall.com/lists/oss-security/2021/02/23/1 •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-29486 – Debian Security Advisory 4812-1
https://notcve.org/view.php?id=CVE-2020-29486
15 Dec 2020 — An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running xenstored out of memory A malicious guest administrator can cause a denial of service against a specific guest or against the whole host. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-29481 – Debian Security Advisory 4812-1
https://notcve.org/view.php?id=CVE-2020-29481
15 Dec 2020 — An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. Because all Xenstore entries of a guest below /local/domain/