漏洞标题
N/A
漏洞描述信息
未清除传递给设备的设备中断 与向x86 HVM guests暴露的物理设备有关的中断管理涉及迭代操作,特别是在 guest使用设备后清理时。如果在中断在调用此清理之前尚未 Quiescent,则该清理尝试可能会被重新安排。当涉及多个中断时,这可能会被误跳过。同时指针可能会被清除(导致对NULL的引用)并释放(导致使用后释放),而其他代码仍将假定它们有效。
CVSS信息
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent yet at the time this cleanup gets invoked, the cleanup attempt may be scheduled to be retried. When multiple interrupts are involved, this scheduling of a retry may get erroneously skipped. At the same time pointers may get cleared (resulting in a de-reference of NULL) and freed (resulting in a use-after-free), while other code would continue to assume them to be valid.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
xen 安全漏洞
漏洞描述信息
Xen是英国剑桥(Cambridge)大学的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 xen 存在安全漏洞,该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。
CVSS信息
N/A
漏洞类别
其他