U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 189 matching records.
Displaying matches 181 through 189.
Vuln ID Summary CVSS Severity
CVE-2014-1642

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free.

Published: January 26, 2014; 11:58:11 AM -0500
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2013-4554

Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

Published: December 24, 2013; 2:55:07 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-4553

The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).

Published: December 24, 2013; 2:55:07 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-6400

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors.

Published: December 13, 2013; 1:55:05 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-6375

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean parameter."

Published: November 23, 2013; 6:55:04 AM -0500
V3.x:(not available)
V2.0: 7.9 HIGH
CVE-2013-4551

Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution."

Published: November 17, 2013; 9:55:08 PM -0500
V3.x:(not available)
V2.0: 5.7 MEDIUM
CVE-2013-4416

The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.

Published: November 02, 2013; 3:55:04 PM -0400
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-4494

Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.

Published: November 02, 2013; 2:55:03 PM -0400
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.

Published: October 30, 2007; 6:46:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH