Total
466 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6400 | 1 Xen | 1 Xen | 2023-12-10 | 6.8 MEDIUM | N/A |
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors. | |||||
CVE-2011-1763 | 1 Xen | 1 Xen | 2023-12-10 | 7.7 HIGH | N/A |
The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port. | |||||
CVE-2013-2072 | 2 Debian, Xen | 2 Debian Linux, Xen | 2023-12-10 | 7.4 HIGH | N/A |
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap. | |||||
CVE-2013-4356 | 1 Xen | 1 Xen | 2023-12-10 | 5.4 MEDIUM | N/A |
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). | |||||
CVE-2013-0151 | 1 Xen | 1 Xen | 2023-12-10 | 4.6 MEDIUM | N/A |
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs. | |||||
CVE-2013-4361 | 1 Xen | 1 Xen | 2023-12-10 | 2.1 LOW | N/A |
The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. | |||||
CVE-2011-1780 | 1 Xen | 1 Xen | 2023-12-10 | 6.1 MEDIUM | N/A |
The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. | |||||
CVE-2012-2934 | 1 Xen | 1 Xen | 2023-12-10 | 1.9 LOW | N/A |
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217. | |||||
CVE-2013-2194 | 1 Xen | 1 Xen | 2023-12-10 | 6.9 MEDIUM | N/A |
Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel. | |||||
CVE-2012-5511 | 1 Xen | 1 Xen | 2023-12-10 | 4.7 MEDIUM | N/A |
Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. | |||||
CVE-2013-4554 | 1 Xen | 1 Xen | 2023-12-10 | 5.2 MEDIUM | N/A |
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. | |||||
CVE-2013-1922 | 1 Xen | 1 Xen | 2023-12-10 | 3.3 LOW | N/A |
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004. | |||||
CVE-2013-1918 | 1 Xen | 1 Xen | 2023-12-10 | 4.7 MEDIUM | N/A |
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." | |||||
CVE-2013-4369 | 1 Xen | 1 Xen | 2023-12-10 | 1.9 LOW | N/A |
The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration. | |||||
CVE-2011-1166 | 1 Xen | 1 Xen | 2023-12-10 | 5.5 MEDIUM | N/A |
Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables. | |||||
CVE-2013-4368 | 1 Xen | 1 Xen | 2023-12-10 | 1.9 LOW | N/A |
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register. | |||||
CVE-2013-4370 | 1 Xen | 1 Xen | 2023-12-10 | 4.6 MEDIUM | N/A |
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1) use-after-free or (2) double free. | |||||
CVE-2011-2901 | 1 Xen | 1 Xen | 2023-12-10 | 5.5 MEDIUM | N/A |
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. | |||||
CVE-2012-6333 | 1 Xen | 1 Xen | 2023-12-10 | 4.7 MEDIUM | N/A |
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input. | |||||
CVE-2013-2212 | 1 Xen | 1 Xen | 2023-12-10 | 5.7 MEDIUM | N/A |
The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range. |