Filtered by vendor Xen
Subscribe
Total
476 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4554 | 1 Xen | 1 Xen | 2025-04-11 | 5.2 MEDIUM | N/A |
| Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. | |||||
| CVE-2012-6035 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | |||||
| CVE-2013-0231 | 2 Linux, Xen | 2 Linux Kernel, Xen | 2025-04-11 | 4.9 MEDIUM | N/A |
| The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-2195 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations. | |||||
| CVE-2012-4537 | 1 Xen | 1 Xen | 2025-04-11 | 2.1 LOW | N/A |
| Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability." | |||||
| CVE-2014-1642 | 1 Xen | 1 Xen | 2025-04-11 | 4.4 MEDIUM | N/A |
| The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free. | |||||
| CVE-2012-5515 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. | |||||
| CVE-2013-4361 | 1 Xen | 1 Xen | 2025-04-11 | 2.1 LOW | N/A |
| The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. | |||||
| CVE-2012-4539 | 1 Xen | 1 Xen | 2025-04-11 | 2.1 LOW | N/A |
| Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability." | |||||
| CVE-2013-2212 | 1 Xen | 1 Xen | 2025-04-11 | 5.7 MEDIUM | N/A |
| The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range. | |||||
| CVE-2012-3498 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-11 | 5.6 MEDIUM | N/A |
| PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. | |||||
| CVE-2013-2072 | 2 Debian, Xen | 2 Debian Linux, Xen | 2025-04-11 | 7.4 HIGH | N/A |
| Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap. | |||||
| CVE-2013-4494 | 2 Debian, Xen | 2 Debian Linux, Xen | 2025-04-11 | 5.2 MEDIUM | N/A |
| Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors. | |||||
| CVE-2011-1780 | 1 Xen | 1 Xen | 2025-04-11 | 6.1 MEDIUM | N/A |
| The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. | |||||
| CVE-2014-1950 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause a denial of service (heap corruption) and possibly gain privileges via unspecified vectors. | |||||
| CVE-2012-4536 | 1 Xen | 1 Xen | 2025-04-11 | 2.1 LOW | N/A |
| The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read. | |||||
| CVE-2012-4411 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998. | |||||
| CVE-2013-4356 | 1 Xen | 1 Xen | 2025-04-11 | 5.4 MEDIUM | N/A |
| Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). | |||||
| CVE-2012-3497 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id. | |||||
| CVE-2012-6034 | 1 Xen | 1 Xen | 2025-04-11 | 4.4 MEDIUM | N/A |
| The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | |||||