Total
468 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10919 | 1 Xen | 1 Xen | 2025-04-20 | 5.0 MEDIUM | 6.5 MEDIUM |
| Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. | |||||
| CVE-2017-10912 | 1 Xen | 1 Xen | 2025-04-20 | 10.0 HIGH | 10.0 CRITICAL |
| Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. | |||||
| CVE-2017-10913 | 1 Xen | 1 Xen | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1. | |||||
| CVE-2017-17563 | 1 Xen | 1 Xen | 2025-04-20 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode. | |||||
| CVE-2017-14317 | 1 Xen | 1 Xen | 2025-04-20 | 4.7 MEDIUM | 5.6 MEDIUM |
| A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.). | |||||
| CVE-2016-9382 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode. | |||||
| CVE-2017-15592 | 1 Xen | 1 Xen | 2025-04-20 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests. | |||||
| CVE-2017-17045 | 1 Xen | 1 Xen | 2025-04-20 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors. | |||||
| CVE-2017-10914 | 1 Xen | 1 Xen | 2025-04-20 | 6.8 MEDIUM | 8.1 HIGH |
| The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2. | |||||
| CVE-2016-9377 | 1 Xen | 1 Xen | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. | |||||
| CVE-2023-34321 | 1 Xen | 1 Xen | 2025-04-17 | N/A | 3.3 LOW |
| Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the helpers can overflow and would then result to skip the cache cleaning/invalidation. Therefore there is no guarantee when all the writes will reach the memory. | |||||
| CVE-2015-5154 | 4 Fedoraproject, Qemu, Suse and 1 more | 8 Fedora, Qemu, Linux Enterprise Debuginfo and 5 more | 2025-04-12 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. | |||||
| CVE-2014-1894 | 1 Xen | 1 Xen | 2025-04-12 | 5.2 MEDIUM | N/A |
| Multiple integer overflows in unspecified suboperations in the flask hypercall in Xen 3.2.x and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1891, CVE-2014-1892, and CVE-2014-1893. | |||||
| CVE-2014-8594 | 3 Debian, Opensuse, Xen | 3 Debian Linux, Opensuse, Xen | 2025-04-12 | 5.4 MEDIUM | N/A |
| The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP). | |||||
| CVE-2016-7094 | 1 Xen | 1 Xen | 2025-04-12 | 1.5 LOW | 4.1 MEDIUM |
| Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. | |||||
| CVE-2014-2599 | 1 Xen | 1 Xen | 2025-04-12 | 4.9 MEDIUM | N/A |
| The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input. | |||||
| CVE-2016-3961 | 2 Canonical, Xen | 2 Ubuntu Linux, Xen | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. | |||||
| CVE-2016-2270 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Vm Server and 1 more | 2025-04-12 | 4.6 MEDIUM | 6.8 MEDIUM |
| Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. | |||||
| CVE-2015-2044 | 1 Xen | 1 Xen | 2025-04-12 | 2.1 LOW | N/A |
| The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size. | |||||
| CVE-2015-5166 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2025-04-12 | 7.2 HIGH | N/A |
| Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. | |||||