) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:x86:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-19967 |
An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix. Published: December 07, 2018; 11:29:00 PM -0500 |
V3.0: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
| CVE-2018-10982 |
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection. Published: May 10, 2018; 7:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
| CVE-2018-10472 |
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. Published: April 27, 2018; 11:29:00 AM -0400 |
V3.0: 5.6 MEDIUM V2.0: 1.9 LOW |