VYPR

rpm package

opensuse/xen&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweed

Vulnerabilities (279)

  • CVE-2022-23033Jan 25, 2022
    affected < 4.16.0_04-3.1fixed 4.16.0_04-3.1

    arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if t

  • CVE-2021-28702Oct 6, 2021
    affected < 4.16.0_01-1.1fixed 4.16.0_01-1.1

    PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). These are typically used for platform tasks such as legacy USB emulation. If such a device is passed

  • CVE-2021-28687Jun 11, 2021
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline,

  • CVE-2020-29481Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to

  • CVE-2020-29484Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering t

  • CVE-2020-29483Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from x

  • CVE-2020-29480Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A

  • CVE-2020-29571Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected agains

  • CVE-2020-29570Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or bugg

  • CVE-2020-29567Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met

  • CVE-2020-29566Dec 15, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled

  • CVE-2020-29040Nov 24, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671.

  • CVE-2020-28368Nov 10, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the

  • CVE-2020-27670Oct 22, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.

  • CVE-2020-27671Oct 22, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.

  • CVE-2020-27672Oct 22, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.

  • CVE-2020-27674Oct 22, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

  • CVE-2020-25603Sep 23, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory

  • CVE-2020-25596Sep 23, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it t

  • CVE-2020-25604Sep 23, 2020
    affected < 4.15.1_01-1.2fixed 4.15.1_01-1.2

    An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to rel

Page 4 of 14