CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28703 – Gentoo Linux Security Advisory 202402-07
https://notcve.org/view.php?id=CVE-2021-28703
07 Dec 2021 — grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing re... • https://security.gentoo.org/glsa/202402-07 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-1619 – [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
https://notcve.org/view.php?id=CVE-2008-1619
02 Apr 2008 — The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool. La emulación ssm_i de Xen 5.1 en arquitecturas IA64 permite a atacantes remotos provocar una denegación de servicio (dom0 pamic) mediante cierto tráfico, como se demostró utilizando la herramienta de prueba de estrés FTP. • http://secunia.com/advisories/30116 •