Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-15596 |
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. Published: October 18, 2017; 4:29:00 AM -0400 |
V3.0: 6.0 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2017-14431 |
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. Published: September 13, 2017; 6:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-5242 |
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion. Published: June 07, 2016; 10:06:17 AM -0400 |
V3.0: 5.6 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2016-4963 |
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore. Published: June 07, 2016; 10:06:16 AM -0400 |
V3.0: 4.7 MEDIUM V2.0: 1.9 LOW |
CVE-2016-4962 |
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. Published: June 07, 2016; 10:06:15 AM -0400 |
V3.0: 6.7 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2016-1571 |
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. Published: January 22, 2016; 10:59:06 AM -0500 |
V3.0: 6.3 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2016-1570 |
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates. Published: January 22, 2016; 10:59:05 AM -0500 |
V3.0: 8.5 HIGH V2.0: 6.9 MEDIUM |
CVE-2015-7813 |
Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physdev_op function in arch/arm/physdev.c, or (2) HYPERVISOR_hvm_op hypercalls, which are not properly handled in the do_hvm_op function in arch/arm/hvm.c. Published: October 30, 2015; 11:59:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-7311 |
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. Published: October 01, 2015; 4:59:06 PM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2015-3259 |
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. Published: July 16, 2015; 10:59:01 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-4164 |
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set. Published: June 15, 2015; 11:59:13 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2015-4163 |
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version. Published: June 15, 2015; 11:59:12 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2015-2751 |
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations. Published: April 01, 2015; 10:59:05 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2015-2151 |
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors. Published: March 12, 2015; 10:59:03 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-2150 |
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. Published: March 12, 2015; 10:59:02 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2015-2045 |
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors. Published: March 12, 2015; 10:59:01 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-2044 |
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size. Published: March 12, 2015; 10:59:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-1563 |
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged. Published: February 09, 2015; 6:59:08 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2014-6268 |
The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU. Published: January 12, 2015; 10:59:02 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-8866 |
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode. Published: December 01, 2014; 10:59:08 AM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |