Published: 18/02/2021 Updated: 27/05/2022

CVSS v2 Base Score: 5.9 | Impact Score: 8.5 | Exploitability Score: 3.4

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 525

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:C

An issue exists in Xen up to and including 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen
debian debian linux 10.0

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure For the stable distribution (buster), these problems have been fixed in version 4114+99-g8bce4698f6-1 We recommend that you upgrade your xen packages For the detailed security status of xen ple ...

Several security issues have been identified that affect Citrix Hypervisor:Two issues, each of which may each allow privileged code in a guest VM to cause the host to crash or become unresponsive  These two issues only affect systems where the malicious guest VM has a physical PCI device passed through to it by the host administratorThese is ...

https://xenbits.xen.org/xsa/advisory-366.html http://www.openwall.com/lists/oss-security/2021/02/23/1 http://xenbits.xen.org/xsa/advisory-366.html https://www.debian.org/security/2021/dsa-4888 https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4888

CVE-2021-27379

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect