Filtered by vendor Xen Subscriptions
Total 471 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-1763 2 Redhat, Xen 2 Enterprise Linux, Xen 2024-11-21 N/A
The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port.
CVE-2011-1166 2 Redhat, Xen 2 Enterprise Linux, Xen 2024-11-21 N/A
Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
CVE-2009-3525 2 Redhat, Xen 2 Enterprise Linux, Xen 2024-11-21 N/A
The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password.
CVE-2009-1758 3 Linux, Redhat, Xen 3 Linux Kernel, Enterprise Linux, Xen 2024-11-21 N/A
The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."
CVE-2008-4993 2 Redhat, Xen 2 Enterprise Linux, Xen 2024-11-21 N/A
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file.
CVE-2008-3687 1 Xen 2 Xen, Xen Flask Module 2024-11-21 N/A
Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the XSM:FLASK module, allows unprivileged domain users (domU) to execute arbitrary code via the flask_op hypercall.
CVE-2007-6416 2 Redhat, Xen 2 Enterprise Linux, Xen 2024-11-21 N/A
The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.
CVE-2007-5730 4 Debian, Qemu, Redhat and 1 more 4 Debian Linux, Qemu, Enterprise Linux and 1 more 2024-11-21 N/A
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.
CVE-2007-1321 5 Debian, Fedoraproject, Qemu and 2 more 6 Debian Linux, Fedora, Fedora Core and 3 more 2024-11-21 N/A
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.
CVE-2007-1320 6 Debian, Fedoraproject, Opensuse and 3 more 7 Debian Linux, Fedora, Fedora Core and 4 more 2024-11-21 N/A
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
CVE-2007-0998 2 Redhat, Xen 3 Enterprise Linux, Fedora Core, Qemu 2024-11-21 N/A
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.