) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-7093 |
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation. Published: September 21, 2016; 10:25:24 AM -0400 |
V4.0:(not available) V3.0: 8.2 HIGH V2.0: 7.2 HIGH |
| CVE-2016-6259 |
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check. Published: August 02, 2016; 12:59:09 PM -0400 |
V4.0:(not available) V3.0: 6.2 MEDIUM V2.0: 4.9 MEDIUM |
| CVE-2016-6258 |
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. Published: August 02, 2016; 12:59:08 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
| CVE-2015-5307 |
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. Published: November 16, 2015; 6:59:05 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |