26 matches found
CVE-2013-2194
Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel...
Design/Logic Flaw
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk 1 before or 2 after decompression, which allows local guest administrators to cause a denial of service domain 0 memory consumption via a crafted a kernel or b ramdisk...
CVE-2012-4544
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk 1 before or 2 after decompression, which allows local guest administrators to cause a denial of service domain 0 memory consumption via a crafted a kernel or b ramdisk...
CVE-2011-1583
Multiple integer overflows in tools/libxc/xcdombzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers 1 a buffer overflow during a decompression loop or 2 an...
Memory corruption
aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs 1 0xb2d6000c and 2 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerabilit...
Design/Logic Flaw
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...