Juergen Gross

5 exploits Active since Oct 2019
CVE-2022-36123 WRITEUP HIGH WRITEUP
Linux kernel <5.18.13 - DoS/Privilege Escalation
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
CVSS 7.8
CVE-2019-17351 WRITEUP MEDIUM WRITEUP
Xen < 4.12.1 and Linux Kernel < 5.2.3 - Denial of Service via Unrestricted Guest Memory Mapping
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
CVSS 6.5
CVE-2020-27673 WRITEUP MEDIUM WRITEUP
Xen < 4.14.0 - Denial of Service via High Event Rate to dom0
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVSS 5.5
CVE-2020-27675 WRITEUP MEDIUM WRITEUP
Linux Kernel < 5.9.1 - Use-After-Free in Xen Event Channel Handling
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.
CVSS 4.7
CVE-2022-36123 WRITEUP HIGH WRITEUP
Linux kernel <5.18.13 - DoS/Privilege Escalation
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
CVSS 7.8