FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3ae078ca-c7eb-11e6-ae1b-002590263bf5xen-kernel -- x86 PV guests may be able to mask interrupts

The Xen Project reports:

Certain PV guest kernel operations (page table writes in particular) need emulation, and use Xen's general x86 instruction emulator. This allows a malicious guest kernel which asynchronously modifies its instruction stream to effect the clearing of EFLAGS.IF from the state used to return to guest context.

A malicious guest kernel administrator can cause a host hang or crash, resulting in a Denial of Service.


Discovery 2016-12-21
Entry 2016-12-22
xen-kernel
< 4.7.1_3

CVE-2016-10024
https://xenbits.xen.org/xsa/advisory-202.html
da70d472-af59-11e7-ace2-f8b156b439c5xen-kernel -- multiple vulnerabilities

The Xen project reports multiple vulnerabilities.


Discovery 2017-10-12
Entry 2017-10-12
xen-kernel
< 4.7.2_6

http://xenbits.xen.org/xsa/advisory-237.html
http://xenbits.xen.org/xsa/advisory-238.html
http://xenbits.xen.org/xsa/advisory-239.html
http://xenbits.xen.org/xsa/advisory-240.html
http://xenbits.xen.org/xsa/advisory-241.html
http://xenbits.xen.org/xsa/advisory-242.html
http://xenbits.xen.org/xsa/advisory-243.html
http://xenbits.xen.org/xsa/advisory-244.html
942433db-c661-11e6-ae1b-002590263bf5xen-kernel -- x86: Mishandling of SYSCALL singlestep during emulation

The Xen Project reports:

The typical behaviour of singlestepping exceptions is determined at the start of the instruction, with a #DB trap being raised at the end of the instruction. SYSCALL (and SYSRET, although we don't implement it) behave differently because the typical behaviour allows userspace to escalate its privilege. (This difference in behaviour seems to be undocumented.) Xen wrongly raised the exception based on the flags at the start of the instruction.

Guest userspace which can invoke the instruction emulator can use this flaw to escalate its privilege to that of the guest kernel.


Discovery 2016-12-19
Entry 2016-12-20
xen-kernel
< 4.7.1_2

CVE-2016-10013
http://xenbits.xen.org/xsa/advisory-204.html
90becf7c-1acf-11e7-970f-002590263bf5xen-kernel -- broken check in memory_exchange() permits PV guest breakout

The Xen Project reports:

The XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.

A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks.


Discovery 2017-04-04
Entry 2017-04-06
xen-kernel
< 4.7.2_1

CVE-2017-7228
https://xenbits.xen.org/xsa/advisory-212.html