Описание
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Issue TrackingMitigationPatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Issue TrackingMitigationPatchVendor Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ...
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
Уязвимость гипервизора Xen, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить конфиденциальную информацию, повысить свои привилегии или вызвать аварийное завершение работы приложения
EPSS
8.8 High
CVSS3
7.2 High
CVSS2