Search Results (Refine Search)
- CPE Product Version: cpe:/o:xen:xen:4.8.0
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-10913 |
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1. Published: July 04, 2017; 9:29:00 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-10912 |
Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. Published: July 04, 2017; 9:29:00 PM -0400 |
V3.0: 10.0 CRITICAL V2.0: 10.0 HIGH |
CVE-2017-8904 |
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214. Published: May 11, 2017; 3:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-8903 |
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. Published: May 11, 2017; 3:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-10025 |
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check. Published: January 26, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2016-10024 |
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations. Published: January 26, 2017; 10:59:00 AM -0500 |
V3.0: 6.0 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-10013 |
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Published: January 26, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |