Latest Xen Xen Vulnerabilities

arm32: The cache may not be properly cleaned/invalidated (take two)
Xen Xen<=4.16
x86: BTC/SRSO fixes not fully effective
Xen Xen
x86/AMD: mismatch in IOMMU quarantine page table levels
Xen Xen
Multiple vulnerabilities in libfsimage disk handling
Xen Xen
x86/AMD: Debug Mask handling
Xen Xen>=4.5.0
x86/AMD: Debug Mask handling
Xen Xen>=4.5.0<4.14.0
x86/AMD: missing IOMMU TLB flushing
Xen Xen
Possible deadlock in Linux kernel event handling
Linux Linux kernel<5.10
Xen Xen
ubuntu/linux<5.4.0-171.189
ubuntu/linux<5.15.0-94.104
ubuntu/linux<6.5.0-17.17
ubuntu/linux<6.6~
and 113 more
xenstored: A transaction conflict can crash C Xenstored
Xen Xen<4.17.0
top-level shadow reference dropped too early for 64-bit PV guests
Xen Xen>=3.2.0<4.15.0
arm32: The cache may not be properly cleaned/invalidated
Xen Xen<=4.16
Linux: buffer overrun in netback due to unusual packet
Xen Xen>=3.2.0
Debian Debian Linux=10.0
debian/linux<=4.19.249-2
debian/linux-5.10
ubuntu/linux<4.15.0-219.230
ubuntu/linux<5.4.0-165.182
and 158 more
Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak
Debian Debian Linux=11.0
Debian Debian Linux=12.0
Amd Epyc 7351p Firmware
Amd Epyc 7351p
Amd Epyc 7401p Firmware
Amd Epyc 7401p
and 349 more
arm: Guests can trigger a deadlock on Cortex-A77
Arm Cortex-a77 Firmware=r0p0
Arm Cortex-a77 Firmware=r1p0
Arm Cortex-a77
Xen Xen
Xen Security Advisory 435 v1 (CVE-2022-40982) - x86/Intel: Gather Data Sampling
debian/intel-microcode<=3.20230214.1~deb11u1<=3.20230512.1<=3.20220510.1~deb11u1
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Xen Xen
and 2772 more
A use-after-free in AMD Zen2 Processors
Xen Xen=4.15.0
Xen Xen=4.17.0
Xen Xen=4.16.0
Xen Xen=4.14.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 450 more
The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. This makes it possi...
Adsanityplugin Adsanity<1.8.2
Xen Xen
Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as...
Xen Xen=4.17
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called...
Xen Xen=4.17.0
Fedoraproject Fedora=38
x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability contr...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.11.0<=4.17.0
Debian Debian Linux=11.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability contr...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.11.0<=4.17.0
Debian Debian Linux=11.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called s...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=3.2.0
Debian Debian Linux=11.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. ...
debian/xen<=4.17.0+46-gaaf74a532c-1<=4.14.5+86-g1c354767d5-1
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.5.0<=4.17.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due...
Xen Xen=4.17.0
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
Xen Xen
Amd A10-9600p
Amd A10-9630p
Amd A12-9700p
Amd A12-9730p
Amd A4-9120
and 834 more
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=11.0
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests c...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left with access rights contain...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed ...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.9.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Oxenstored 32->31 bit integer truncation issues Integers in OCaml are 63 or 31 bits of signed precision. The OCaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an OCaml i...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.9.0<4.13.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out...
Xen Xen=4.16
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Cooperating guests can create arbitrary numbers of nodes [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Sinc...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xens...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can create arbitrary number of nodes via transactions [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] ...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.9.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Cooperating guests can create arbitrary numbers of nodes [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Sinc...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Xenstore: Guests can create arbitrary number of nodes via transactions [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] ...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.9.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=11.0
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=11.0
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable with...
debian/xen<=4.11.4+107-gef32c7afa2-1
Xen Xen>=4.13.0<=4.16.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=11.0
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, c...
Xen Xen
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
debian/xen<=4.11.4+107-gef32c7afa2-1
A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
redhat/kernel-rt<0:3.10.0-1160.80.1.rt56.1225.el7
redhat/kernel<0:3.10.0-1160.80.1.el7
redhat/kernel-rt<0:4.18.0-372.32.1.rt7.189.el8_6
redhat/kernel<0:4.18.0-372.32.1.el8_6
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
and 648 more
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device f...
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Linux Linux kernel>=2.6.13<4.9.322
Linux Linux kernel>=4.14<4.14.287
and 149 more
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device f...
Linux Linux kernel>=2.6.13<4.9.322
Linux Linux kernel>=4.14<4.14.287
Linux Linux kernel>=4.19<4.19.251
Linux Linux kernel>=5.4<5.4.204
Linux Linux kernel>=5.10<5.10.129
Linux Linux kernel>=5.15<5.15.53
and 158 more
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device f...
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Linux Linux kernel>=2.6.13<4.9.322
Linux Linux kernel>=4.14<4.14.287
and 154 more

© 2024 SecAlerts Pty Ltd.