FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
90becf7c-1acf-11e7-970f-002590263bf5xen-kernel -- broken check in memory_exchange() permits PV guest breakout

The Xen Project reports:

The XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.

A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks.


Discovery 2017-04-04
Entry 2017-04-06
xen-kernel
< 4.7.2_1

CVE-2017-7228
https://xenbits.xen.org/xsa/advisory-212.html