14 matches found
CVE-2025-27462
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27463
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27464
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27464 WinPVDrivers: Excessive permissions on user-exposed devices
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
EUVD-2025-210445
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27463
The CVE-2025-27463 entry corresponds to the Windows PV drivers exposed by XenServer/Citrix Hypervisor. These PV devices (XenCons, XenIface, XenBus) reportedly expose facilities to userspace with no security descriptors, making them fully accessible to unprivileged users. The connected sources ide...
CVE-2025-27463 WinPVDrivers: Excessive permissions on user-exposed devices
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
EUVD-2025-210444
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27462 WinPVDrivers: Excessive permissions on user-exposed devices
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
EUVD-2025-210443
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. The...
CVE-2025-27462
CVE-2025-27462 refers to the Windows PV drivers in XenServer/Citrix Hypervisor where several PV interfaces (XenCon s, XenIface, XenBus) expose no security descriptors, making them accessible to unprivileged users. The CVE is tied to the Windows PV drivers for XenServer 8.x; Linux guests are unaff...
WinPVDrivers: Excessive permissions on user-exposed devices
ISSUE DESCRIPTION The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. These are: 1. XenCons, CVE-2025-27462 2. XenIface, CVE-2025-27463 3. XenBus, CVE-2025-27464 IMPACT Unprivileged...
Updates to XenIface Windows I/O driver - For Citrix Hypervisor and XenServer
Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest version The following versions of XenIface are the latest that are available through Windows Automatic...
Time synchronization issues on Windows VMs with the 9.x Citrix VM Tools
On Windows VMs with the xeniface 9.0.0.11 or 9.1.0.4 driver installed, the VM time can become unsynchronized when the time set by the Citrix VM Tools conflicts with the Windows VM's own time synchronization for example, using Active Directory or NTP...