Количество 16
Количество 16
CVE-2021-28701
Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.
CVE-2021-28701
Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.
CVE-2021-28701
Another race in XENMAPSPACE_grant_table handling Guests are permitted ...
openSUSE-SU-2021:3140-1
Security update for xen
openSUSE-SU-2021:1301-1
Security update for xen
SUSE-SU-2021:3213-1
Security update for xen
SUSE-SU-2021:3181-1
Security update for xen
SUSE-SU-2021:3141-1
Security update for xen
SUSE-SU-2021:3140-1
Security update for xen
GHSA-423x-f92f-r5fm
Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.
BDU:2022-01697
Уязвимость функции XENMAPSPACE_grant_table гипервизора Xen, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
SUSE-SU-2021:3849-1
Security update for xen
SUSE-SU-2021:3842-1
Security update for xen
SUSE-SU-2021:3977-1
Security update for xen
SUSE-SU-2021:3322-1
Security update for xen
SUSE-SU-2021:14848-1
Security update for xen
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-28701 Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed. | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-28701 Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed. | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
| CVE-2021-28701 Another race in XENMAPSPACE_grant_table handling Guests are permitted ... | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
 | openSUSE-SU-2021:3140-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| openSUSE-SU-2021:1301-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:3213-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:3181-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:3141-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:3140-1 Security update for xen | 0% Низкий | больше 4 лет назад | |
| GHSA-423x-f92f-r5fm Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-01697 Уязвимость функции XENMAPSPACE_grant_table гипервизора Xen, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
| SUSE-SU-2021:3849-1 Security update for xen | около 4 лет назад | ||
| SUSE-SU-2021:3842-1 Security update for xen | около 4 лет назад | ||
| SUSE-SU-2021:3977-1 Security update for xen | около 4 лет назад | ||
| SUSE-SU-2021:3322-1 Security update for xen | больше 4 лет назад | ||
| SUSE-SU-2021:14848-1 Security update for xen | около 4 лет назад |
Уязвимостей на страницу