Veracode Vulnerability DatabaseVERACODE:40505Use-After-Free
EPSS
Percentile
14.3%
xen is vulnerable to Use-After-Free. The vulnerability allows established shadow page tables to be freed again immediately, while other code is still accessible on the assumption that they would remain allocated.
References
www.openwall.com/lists/oss-security/2023/03/21/1
xenbits.xen.org/xsa/advisory-427.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L6PM4RE7MUE6OWA32ZVOXCP235RM2TM/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APBMS2Q6746AXAFAITNJMGBNFGNMVLWR/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
security.gentoo.org/glsa/202402-07
www.debian.org/security/2023/dsa-5378
xenbits.xenproject.org/xsa/advisory-427.txt
Related
