CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28705 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28705
24 Nov 2021 — issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 numbe... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28706 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28706
24 Nov 2021 — guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound. Los huéspedes pueden exceder su límite de memoria designado Cuando a un huésped se le perm... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28707 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28707
24 Nov 2021 — PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). The i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28708 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28708
24 Nov 2021 — PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). The i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28709 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28709
24 Nov 2021 — issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 numbe... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28710 – Gentoo Linux Security Advisory 202208-23
https://notcve.org/view.php?id=CVE-2021-28710
21 Nov 2021 — certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs. These page tables are presently set up to always be 4 levels deep. However, an IOMMU may require the use of just 3 page table levels. In such a configuration the lop level table needs to be stripped before inserting the root table's address into the hardw... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-269: Improper Privilege Management •
CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 0CVE-2021-28702 – Gentoo Linux Security Advisory 202208-23
https://notcve.org/view.php?id=CVE-2021-28702
06 Oct 2021 — PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest, then on guest shutdown the device is not properly deassigned. The IOMMU configuration for these devices which are not properly deassigned ends up pointing to a freed data structure, including the IO Pagetables. ... • http://www.openwall.com/lists/oss-security/2021/10/07/2 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-28697 – Gentoo Linux Security Advisory 202208-23
https://notcve.org/view.php?id=CVE-2021-28697
27 Aug 2021 — grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing requests from... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28693 – Gentoo Linux Security Advisory 202107-30
https://notcve.org/view.php?id=CVE-2021-28693
30 Jun 2021 — xen/arm: Boot modules are not scrubbed The bootloader will load boot modules (e.g. kernel, initramfs...) in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the allocator. Unfortunately, it was discovered that modules will not be scrubbed on Arm. xen/arm: Los módulos de arranque no se limpian. El cargador de arranque cargará los módulos de arranque (por ejemplo, kernel, initram... • https://security.gentoo.org/glsa/202107-30 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28690 – Debian Security Advisory 4931-1
https://notcve.org/view.php?id=CVE-2021-28690
28 Jun 2021 — x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend. x86: Las protecciones TSX Async Abort no son restauradas después de S3. Este problema está relacionado con una vulnerabilidad de seguridad... • https://security.gentoo.org/glsa/202107-30 •