CVE-2021-28703
https://notcve.org/view.php?id=CVE-2021-28703
grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing requests from the guest to insert mappings of these pages may result in any of them to become mapped in multiple locations. • https://security.gentoo.org/glsa/202402-07 https://xenbits.xenproject.org/xsa/advisory-387.txt •
CVE-2008-1619 – [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
https://notcve.org/view.php?id=CVE-2008-1619
The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool. La emulación ssm_i de Xen 5.1 en arquitecturas IA64 permite a atacantes remotos provocar una denegación de servicio (dom0 pamic) mediante cierto tráfico, como se demostró utilizando la herramienta de prueba de estrés FTP. • http://secunia.com/advisories/30116 http://www.redhat.com/support/errata/RHSA-2008-0233.html http://www.securityfocus.com/bid/29085 https://bugzilla.redhat.com/show_bug.cgi?id=437770 https://exchange.xforce.ibmcloud.com/vulnerabilities/41633 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10226 https://access.redhat.com/security/cve/CVE-2008-1619 •