Category Archives: Advisories

xen-4.16.2-3.fc36

Read Time:53 Second

FEDORA-2022-07438e12df

Packages in this update:

xen-4.16.2-3.fc36

Update description:

x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327]
Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]
Xenstore: Guests can create orphaned Xenstore nodes [XSA-415,
CVE-2022-42310]
Xenstore: guests can let run xenstored out of memory [XSA-326,
CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]
Xenstore: Guests can cause Xenstore to not free temporary memory
[XSA-416, CVE-2022-42319]
Xenstore: Guests can get access to Xenstore nodes of deleted domains
[XSA-417, CVE-2022-42320]
Xenstore: Guests can crash xenstored via exhausting the stack
[XSA-418, CVE-2022-42321]
Xenstore: Cooperating guests can create arbitrary numbers of nodes
[XSA-419, CVE-2022-42322, CVE-2022-42323]
Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
Xenstore: Guests can create arbitrary number of nodes via transactions
[XSA-421, CVE-2022-42325, CVE-2022-42326]

Read More

xen-4.16.2-3.fc37

Read Time:53 Second

FEDORA-2022-674b1243c2

Packages in this update:

xen-4.16.2-3.fc37

Update description:

x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327]
Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309]
Xenstore: Guests can create orphaned Xenstore nodes [XSA-415,
CVE-2022-42310]
Xenstore: guests can let run xenstored out of memory [XSA-326,
CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318]
Xenstore: Guests can cause Xenstore to not free temporary memory
[XSA-416, CVE-2022-42319]
Xenstore: Guests can get access to Xenstore nodes of deleted domains
[XSA-417, CVE-2022-42320]
Xenstore: Guests can crash xenstored via exhausting the stack
[XSA-418, CVE-2022-42321]
Xenstore: Cooperating guests can create arbitrary numbers of nodes
[XSA-419, CVE-2022-42322, CVE-2022-42323]
Oxenstored 32->31 bit integer truncation issues [XSA-420, CVE-2022-42324]
Xenstore: Guests can create arbitrary number of nodes via transactions
[XSA-421, CVE-2022-42325, CVE-2022-42326]

Read More

CVE-2020-4099

Read Time:12 Second

The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.

Read More