Описание
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Ссылки
- Mailing ListMitigationThird Party Advisory
- Mailing ListMitigationThird Party Advisory
Уязвимые конфигурации
EPSS
9.1 Critical
CVSS3
9.4 Critical
CVSS2
Дефекты
Связанные уязвимости
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Xen through 4.8.x does not validate the port numbers of polled event c ...
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Уязвимость гипервизора Xen, позволяющая нарушителю получить конфиденциальную информацию или вызвать отказ в обслуживании
EPSS
9.1 Critical
CVSS3
9.4 Critical
CVSS2