FEDORA-2022-99af00f60e
Packages in this update:
xen-4.15.3-7.fc35
Update description:
Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]
Xenstore: Guests can create orphaned Xenstore nodes [XSA-415,
CVE-2022-42310]
Xenstore: guests can let run xenstored out of memory [XSA-326,
CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]
Xenstore: Guests can cause Xenstore to not free temporary memory
[XSA-416, CVE-2022-42319]
Xenstore: Guests can get access to Xenstore nodes of deleted domains
[XSA-417, CVE-2022-42320]
Xenstore: Guests can crash xenstored via exhausting the stack
[XSA-418, CVE-2022-42321]
Xenstore: Cooperating guests can create arbitrary numbers of nodes
[XSA-419, CVE-2022-42322, CVE-2022-42323]
Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
Xenstore: Guests can create arbitrary number of nodes via transactions
[XSA-421, CVE-2022-42325, CVE-2022-42326]
add patch to fix an incorrect backport
Arm: unbounded memory consumption for 2nd-level page tables [XSA-409,
CVE-2022-33747] (#2135268)
P2M pool freeing may take excessively long [XSA-410, CVE-2022-33746]
(#2135641)
lock order inversion in transitive grant copy handling [XSA-411,
CVE-2022-33748] (#2135263)
More Stories
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...
USN-7179-1: Linux kernel vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...
USN-7173-2: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...