Page 9 of 228 results (0.015 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable. • https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://security.gentoo.org/glsa/202107-30 https://www.debian.org/security/2021/dsa-4843 https://xenbits.xenproject.org/xsa/advisory-349.html • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checked, the checking CPU may send an interrupt to itself, in the expectation that this IRQ will be delivered only after the condition preventing the cleanup has cleared. For two specific IRQ vectors, this expectation was violated, resulting in a continuous stream of self-interrupts, which renders the CPU effectively unusable. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI https://security.gentoo.org/glsa/202107-30 https://xenbits.xenproject.org/xsa/advisory-356.html • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled. If the device model were to signal Xen without having actually completed the operation, the de-schedule / re-schedule cycle would repeat. If, in addition, Xen is resignalled very quickly, the re-schedule may occur before the de-schedule was fully complete, triggering a shortcut. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI https://security.gentoo.org/glsa/202107-30 https://www.debian.org/security/2020/dsa-4812 https://xenbits.xenproject.org/xsa/advisory-348.html • CWE-674: Uncontrolled Recursion •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671. Se detectó un problema en Xen versiones hasta 4.14.x, que permitía a usuarios del SO invitado x86 HVM causar una denegación de servicio (corrupción de la pila), causar un filtrado de datos o posiblemente alcanzar privilegios debido a un error por un paso. NOTA: este problema es causado por a una solución incorrecta para CVE-2020-27671 • http://www.openwall.com/lists/oss-security/2021/01/19/4 http://xenbits.xen.org/xsa/advisory-355.html https://xenbits.xen.org/xsa/advisory-355.html • CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen. Xen versiones hasta 4.14.x, permite a administradores de Sistemas Operativos invitados obtener información confidencial (tales como claves AES desde fuera del invitado) por medio de un ataque de canal lateral en una interfaz de monitoreo de power/energy, también se conoce como un ataque "Platypus". NOTA: solo existe una corrección lógicamente independiente: cambiar el control de acceso para cada interfaz de este tipo en Xen • http://www.openwall.com/lists/oss-security/2020/11/26/1 http://xenbits.xen.org/xsa/advisory-351.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5J66QUUHXH2RR4CNCKQRGVXVSOUFRPDA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV23EZIMNLJN4YXRRXLQV2ALW6ZEALXV https://platypusattack.com https://www.debian.org/security/2020/dsa-4804 https://www.zdnet.com/article/new-platypus-attack-can-steal-data-from-intel-cpus https:&# • CWE-862: Missing Authorization •