Lucene search

K

Veracode Vulnerability DatabaseVERACODE:40503

HistoryMay 14, 2023 - 4:13 a.m.

Mis-handling Cache Attributes

2023-05-1404:13:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

16

xen

vulnerability

cache attributes

denial of service

EPSS

0

Percentile

14.3%

xen is vulnerable to Mis-handling Cache Attributes. The vulnerability allows entities controlling HVM guests to run the host out of resources or stall execution of a physical CPU for effectively unbounded periods of time which could lead to a denial of service to the affected users.

References

www.openwall.com/lists/oss-security/2023/03/21/2

xenbits.xen.org/xsa/advisory-428.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L6PM4RE7MUE6OWA32ZVOXCP235RM2TM/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APBMS2Q6746AXAFAITNJMGBNFGNMVLWR/

secdb.alpinelinux.org/v3.16/main.yaml

secdb.alpinelinux.org/v3.17/main.yaml

security.gentoo.org/glsa/202402-07

www.debian.org/security/2023/dsa-5378

xenbits.xenproject.org/xsa/advisory-428.txt

EPSS

0

Percentile

14.3%

Related for VERACODE:40503

prion2 debiancve2 alpinelinux2 cve2 ubuntucve2 nvd2 cvelist2 xen1 osv3 nessus11 openvas9 fedora3 debian1 gentoo1