ReportizFlow
Filtered by vendor Xen
Subscriptions
Total
495 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5242 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion. | ||||
| CVE-2015-8339 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown. | ||||
| CVE-2014-7155 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Opensuse and 1 more | 2025-04-12 | N/A |
| The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. | ||||
| CVE-2015-8340 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling. | ||||
| CVE-2014-2580 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface. | ||||
| CVE-2014-3717 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows local users to read system memory or cause a denial of service (crash) via a crafted kernel, which triggers a buffer overflow. | ||||
| CVE-2014-2599 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input. | ||||
| CVE-2011-3346 | 3 Qemu, Redhat, Xen | 3 Qemu, Enterprise Linux, Xen | 2025-04-12 | N/A |
| Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs. | ||||
| CVE-2014-1892 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894. | ||||
| CVE-2014-3124 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. | ||||
| CVE-2015-0268 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (host crash) by writing an invalid value to the GICD.SGIR register. | ||||
| CVE-2016-4480 | 2 Oracle, Xen | 2 Vm Server, Xen | 2025-04-12 | N/A |
| The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory. | ||||
| CVE-2015-2151 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-1563 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2025-04-12 | N/A |
| The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged. | ||||
| CVE-2015-7969 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall. | ||||
| CVE-2014-3969 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors. | ||||
| CVE-2014-3672 | 2 Redhat, Xen | 2 Libvirt, Xen | 2025-04-12 | N/A |
| The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. | ||||
| CVE-2015-2752 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2025-04-12 | N/A |
| The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm). | ||||
| CVE-2015-7970 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand. | ||||
| CVE-2012-3433 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown. | ||||