VYPR

Xen

by Xen Project

CVEs (64)

  • CVE-2022-33747LowOct 11, 2022
    risk 0.25cvss 3.8epss 0.00

    Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory…

  • CVE-2023-46837LowJan 5, 2024
    risk 0.21cvss 3.3epss 0.00

    Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest. Unfortunately, the…

  • CVE-2022-42336LowMay 17, 2023
    risk 0.21cvss 3.3epss 0.00

    Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of…

  • CVE-2020-29480LowDec 15, 2020
    risk 0.15cvss 2.3epss 0.00

    An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key.…

Page 4 of 4