Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:xen:xen:4.8.3:*:*:*:*:*:arm:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-14319 |
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account. Published: September 12, 2017; 11:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-14317 |
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.). Published: September 12, 2017; 11:29:00 AM -0400 |
V3.0: 5.6 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2017-14316 |
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array. Published: September 12, 2017; 11:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-12137 |
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. Published: August 24, 2017; 10:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-12135 |
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Published: August 24, 2017; 10:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-12134 |
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. Published: August 24, 2017; 10:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-9386 |
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values. Published: January 23, 2017; 4:59:02 PM -0500 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2016-9383 |
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. Published: January 23, 2017; 4:59:02 PM -0500 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-9380 |
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file. Published: January 23, 2017; 4:59:02 PM -0500 |
V3.0: 7.5 HIGH V2.0: 4.6 MEDIUM |
CVE-2016-9379 |
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file. Published: January 23, 2017; 4:59:02 PM -0500 |
V3.0: 7.9 HIGH V2.0: 4.6 MEDIUM |
CVE-2014-3672 |
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. Published: May 25, 2016; 11:59:00 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 2.1 LOW |
CVE-2007-5730 |
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability. Published: October 30, 2007; 6:46:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |