Search Results (Refine Search)
- CPE Product Version: cpe:/o:xen:xen:4.4.0:rc1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-7188 |
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors. Published: October 02, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 8.3 HIGH |
CVE-2014-7156 |
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors. Published: October 02, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2014-7155 |
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. Published: October 02, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2014-7154 |
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors. Published: October 02, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 6.1 MEDIUM |
CVE-2014-5147 |
Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a crafted 32-bit process. Published: August 29, 2014; 12:55:11 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2014-4022 |
The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall. Published: July 09, 2014; 10:55:03 AM -0400 |
V3.x:(not available) V2.0: 2.7 LOW |
CVE-2014-4021 |
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. Published: June 18, 2014; 3:55:04 PM -0400 |
V3.x:(not available) V2.0: 2.7 LOW |
CVE-2014-3969 |
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 7.4 HIGH |
CVE-2014-3968 |
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-3967 |
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors. Published: June 05, 2014; 4:55:06 PM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-3717 |
Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows local users to read system memory or cause a denial of service (crash) via a crafted kernel, which triggers a buffer overflow. Published: May 19, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2014-3716 |
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel. Published: May 19, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2014-3715 |
Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB. Published: May 19, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2014-3714 |
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow. Published: May 19, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2014-3124 |
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. Published: May 07, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 6.7 MEDIUM |
CVE-2014-3125 |
Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash) via unspecified vectors. Published: May 02, 2014; 10:55:07 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2014-2986 |
The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denial of service (NULL pointer dereference and host crash) via unspecified vectors. Published: April 28, 2014; 10:09:08 AM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-2915 |
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers. Published: April 24, 2014; 10:55:04 AM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-1896 |
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring." Published: April 01, 2014; 2:35:53 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |