Lucene search
K

28 matches found

Cvelist
Cvelist
added 2017/08/24 2:0 p.m.21 views

CVE-2017-12136

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service free list corruption and host crash or gain privileges on the host via vectors involving maptrack free list handling...

6.5AI score0.00311EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2017/08/24 2:0 p.m.36 views

CVE-2017-12136

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service free list corruption and host crash or gain privileges on the host via vectors involving maptrack free list handling...

7.8CVSS5.8AI score0.00311EPSS
Exploits0
CNVD
CNVD
added 2017/05/17 12:0 a.m.3 views

Xen memory corruption vulnerability (CNVD-2017-06936)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A memory corruption vulnerability...

8.8CVSS7.7AI score0.00421EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/01/26 3:59 p.m.36 views

CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

5.5CVSS6.8AI score0.00451EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/01/26 3:0 p.m.67 views

CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

5.5CVSS4.3AI score0.00451EPSS
Exploits0
NVD
NVD
added 2016/06/07 2:6 p.m.17 views

CVE-2016-5242

The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...

5.6CVSS5.8AI score0.00342EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/06/07 2:0 p.m.29 views

CVE-2016-4962

The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service resource consumption or management facility confusion or gain host OS privileges by manipulating information in guest controlled areas of xenstore...

7.1AI score0.00399EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2016/06/02 1:49 p.m.31 views

CVE-2016-4962

The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service resource consumption or management facility confusion or gain host OS privileges by manipulating information in guest controlled areas of xenstore...

6.8CVSS5.2AI score0.00399EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/05/18 2:59 p.m.22 views

CVE-2016-4480

The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...

8.4CVSS7.2AI score0.00542EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2016/05/18 2:0 p.m.44 views

CVE-2016-4480

The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...

8.4CVSS4.8AI score0.00542EPSS
Exploits0
Prion
Prion
added 2016/04/14 2:59 p.m.26 views

Buffer overflow

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...

6.6CVSS7AI score0.004EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2016/04/14 2:59 p.m.39 views

CVE-2015-8554

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...

7.5CVSS7.2AI score0.004EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/04/14 2:0 p.m.30 views

CVE-2015-8554

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...

7.9AI score0.004EPSS
Exploits0References6
CVE
CVE
added 2016/04/14 2:0 p.m.70 views

CVE-2015-8554

CVE-2015-8554 describes a buffer overflow in Xen’s MSI-X handling: in hw/pt-msi.c for Xen 4.6.x and earlier when using the qemu-xen-traditional (qemu-dm) device model. The issue enables local x86 HVM guest administrators, with access to a passed-through MSI-X capable PCI device and MSI-X table en...

7.5CVSS7.8AI score0.004EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2016/04/14 2:0 p.m.36 views

CVE-2015-8554

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...

7.5CVSS8.1AI score0.004EPSS
Exploits0
Prion
Prion
added 2016/02/19 4:59 p.m.25 views

Design/Logic Flaw

VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service guest crash via vectors related to a non-canonical RIP...

2.1CVSS6.5AI score0.00391EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2016/02/19 4:59 p.m.20 views

CVE-2016-2270

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service host reboot via vectors related to multiple mappings of MMIO pages with different cachability settings...

6.8CVSS6.9AI score0.01481EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/02/19 4:59 p.m.28 views

CVE-2016-2271

VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service guest crash via vectors related to a non-canonical RIP...

5.5CVSS6.8AI score0.00391EPSS
Exploits0References2
Prion
Prion
added 2016/02/19 4:59 p.m.17 views

Design/Logic Flaw

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service host reboot via vectors related to multiple mappings of MMIO pages with different cachability settings...

4.6CVSS6.5AI score0.01481EPSS
Exploits0References7Affected Software4
CVE
CVE
added 2016/02/19 4:0 p.m.88 views

CVE-2016-2271

CVE-2016-2271 affects Xen VMX on Xen 4.6.x and earlier when running on an Intel or Cyrix CPU. Local HVM guests can trigger a denial of service (guest crash) via vectors related to a non-canonical RIP. Impact is limited to the guest (not the host) per the description; no public patch/version is sp...

5.5CVSS6.1AI score0.00391EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder