Описание
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 4.9.2-0ubuntu1 |
| cosmic | not-affected | 4.9.2-0ubuntu1 |
| devel | not-affected | 4.9.2-0ubuntu1 |
| disco | not-affected | 4.9.2-0ubuntu1 |
| eoan | not-affected | 4.9.2-0ubuntu1 |
| esm-apps/focal | not-affected | 4.9.2-0ubuntu1 |
| esm-apps/jammy | not-affected | 4.9.2-0ubuntu1 |
| esm-apps/noble | not-affected | 4.9.2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
Показывать по
7.2 High
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ...
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
Уязвимость гипервизора Xen, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить конфиденциальную информацию, повысить свои привилегии или вызвать аварийное завершение работы приложения
7.2 High
CVSS2
8.8 High
CVSS3