Total
473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5511 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. | |||||
| CVE-2013-4551 | 1 Xen | 1 Xen | 2025-04-11 | 5.7 MEDIUM | N/A |
| Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution." | |||||
| CVE-2013-2077 | 1 Xen | 1 Xen | 2025-04-11 | 5.2 MEDIUM | N/A |
| Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors. | |||||
| CVE-2013-1952 | 1 Xen | 1 Xen | 2025-04-11 | 1.9 LOW | N/A |
| Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors. | |||||
| CVE-2012-2625 | 1 Xen | 2 Xen, Xen-unstable | 2025-04-11 | 2.7 LOW | N/A |
| The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. | |||||
| CVE-2013-0151 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs. | |||||
| CVE-2011-2901 | 1 Xen | 1 Xen | 2025-04-11 | 5.5 MEDIUM | N/A |
| Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. | |||||
| CVE-2012-5514 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors. | |||||
| CVE-2013-4371 | 1 Xen | 1 Xen | 2025-04-11 | 4.4 MEDIUM | N/A |
| Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-2196 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195. | |||||
| CVE-2013-1918 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." | |||||
| CVE-2012-3515 | 7 Canonical, Debian, Opensuse and 4 more | 14 Ubuntu Linux, Debian Linux, Opensuse and 11 more | 2025-04-11 | 7.2 HIGH | N/A |
| Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | |||||
| CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2025-04-11 | 2.7 LOW | N/A |
| The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | |||||
| CVE-2012-6031 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | |||||
| CVE-2012-5525 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. | |||||
| CVE-2012-3496 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand. | |||||
| CVE-2012-4535 | 1 Xen | 1 Xen | 2025-04-11 | 1.9 LOW | N/A |
| Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." | |||||
| CVE-2013-4370 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1) use-after-free or (2) double free. | |||||
| CVE-2013-0153 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. | |||||
| CVE-2012-5510 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors. | |||||