Lucene search
K

198 matches found

OSV
OSV
added 2013/10/17 11:55 p.m.2 views

DEBIAN-CVE-2013-4368

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information hypervisor stack content via unspecified vectors related to stale...

1.9CVSS7AI score0.00367EPSS
Exploits0References1
OSV
OSV
added 2013/08/28 9:55 p.m.3 views

DEBIAN-CVE-2013-1432

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service premature page free and hypervisor crash or possibly gain privileges via unspecified vectors...

7.4CVSS6.8AI score0.00583EPSS
Exploits0References1
OSV
OSV
added 2013/08/28 9:55 p.m.2 views

DEBIAN-CVE-2013-2077

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service unhandled exception and hypervisor crash via unspecified vectors...

5.2CVSS6.2AI score0.00531EPSS
Exploits0References1
CVE
CVE
added 2013/08/28 5:0 p.m.72 views

CVE-2013-2211

CVE-2013-2211 concerns the Xen hypervisor, where the libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions on xenstore keys for paravirtualised and emulated serial console devices. This allows a local guest administrator to modify the xenstore value via unspec...

7.4CVSS3.9AI score0.00562EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/23 12:0 a.m.32 views

RHEL 6 : virtio-win (RHSA-2013:1101)

An updated virtio-win package that fixes one security issue is now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.2CVSS7.6AI score0.00448EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/07/22 5:26 p.m.38 views

Important: Red Hat Security Advisory: virtio-win security update

An updated virtio-win package that fixes one security issue is now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.2CVSS7.2AI score0.00448EPSS
Exploits0References2
Xen Project
Xen Project
added 2013/05/30 4:36 p.m.11 views

PV guest host Denial of Service

ISSUE DESCRIPTION A Xen user has discovered that some older AMD CPUs can be made to lock up due to AMD processor erratum 121. This issue was discovered during testing of the fix for XSA-7 CVE-2012-0217. Although the two issues are unrelated the situations which can trigger them may overlap...

7.2CVSS7.3AI score0.37212EPSS
Exploits6
OSV
OSV
added 2013/05/13 11:55 p.m.2 views

DEBIAN-CVE-2013-1918

Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."...

4.7CVSS8.1AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2012/12/13 11:53 a.m.4 views

DEBIAN-CVE-2012-5513

The XENMEMexchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service crash or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range...

6.9CVSS8.4AI score0.00406EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2012/11/19 12:0 a.m.37 views

SuSE 10 Security Update : Xen (ZYPP Patch Number 8359)

XEN received various security and bugfixes : - xen: Timer overflow DoS vulnerability XSA-20. CVE-2012-4535 - xen: Memory mapping failure DoS vulnerability XSA-22 The following additional bugs have beenfixed:. CVE-2012-4537 - L3: Xen BUG at ioapic.c:129 26102-x86-IOAPIC-legacy-not-first.patch...

6.9CVSS7.8AI score0.00443EPSS
Exploits0References16
Xen Project
Xen Project
added 2012/09/05 8:38 a.m.11 views

XENMEM_populate_physmap DoS vulnerability

ISSUE DESCRIPTION XENMEMpopulatephysmap can be called with invalid flags. By calling it with MEMFpopulateondemand flag set, a BUG can be triggered if a translating paging mode is not being used. IMPACT A malicious guest kernel can crash the host. VULNERABLE SYSTEMS All Xen systems running PV...

4.7CVSS7.2AI score0.00418EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2012/06/12 2:7 p.m.4 views

kernel: denial of service due to AMD Erratum #121

Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service host hang via sequential execution of instructions across a non-canonical boundary, a different...

1.9CVSS7.7AI score0.00459EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2011/09/06 12:0 a.m.4 views

PT-2013-1400 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions 3.3 and earlier Description: The issue is related to an off-by-one error in the addr ok macro, which can be exploited by local 64-bit PV guest administrators to cause a denial of service, resulting in a host crash. This can be...

7.8CVSS7.5AI score0.03769EPSS
Exploits2References19
RedHat Linux
RedHat Linux
added 2011/05/09 3:45 p.m.6 views

xen: insufficiencies in pv kernel image validation

tools/libxc/xcdombzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service management software infinite loop and management domain resource consumption via unspecified vectors related to "Lack of error checking in the decompression loop."...

2.1CVSS5.8AI score0.00334EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/11/04 10:11 a.m.8 views

kernel-xen 3.1.1 does not prevent modification of the CR4 TSC from applications (DoS possible)

Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service crash...

4.7CVSS5.8AI score0.00354EPSS
Exploits0References4
NVD
NVD
added 2008/05/08 12:20 a.m.20 views

CVE-2007-5498

The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service host OS crash via a request that specifies a large number of blocks...

4.9CVSS5.8AI score0.00342EPSS
Exploits0References8
Cvelist
Cvelist
added 2008/05/08 12:0 a.m.28 views

CVE-2007-5498

The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service host OS crash via a request that specifies a large number of blocks...

5.7AI score0.00342EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2008/05/07 12:0 a.m.26 views

CVE-2007-5498

The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service host OS crash via a request that specifies a large number of blocks...

4.9CVSS5.9AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder