Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.20 views

FreeBSD : xen-kernel -- GNTTABOP_swap_grant_ref operation misbehavior (80e846ff-27eb-11e5-a4a5-002590263bf5)

The Xen Project reports : With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest...

4.9CVSS7.8AI score0.00439EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.31 views

Fedora 22 : xen-4.5.0-11.fc22 (2015-10001)

stubs-32.h is back, so revert to previous behaviour. Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209. GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163. vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164. Note that Tenable...

7.5CVSS7.6AI score0.09668EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.37 views

Fedora 20 : xen-4.3.4-6.fc20 (2015-9965)

Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209 1230537 GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163 vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164 Potential unintended writes to host MSI message data field via qem...

7.8CVSS7.7AI score0.09668EPSS
Exploits0References11
OPENSUSE Linux
OPENSUSE Linux
added 2015/06/22 2:4 p.m.34 views

Security update for xen (important)

Xen was updated to fix eight vulnerabilities. The following vulnerabilities were fixed: CVE-2015-2751: Certain domctl operations may be abused to lock up the host XSA-127 boo922709 CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104:...

7.8CVSS0.6AI score0.09668EPSS
Exploits0References8
securityvulns
securityvulns
added 2015/06/21 12:0 a.m.64 views

[SECURITY] [DSA 3286-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3286-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 13, 2015 https://www.debian.org/security/faq -...

7.8CVSS0.8AI score0.09668EPSS
Exploits0
NVD
NVD
added 2015/06/15 3:59 p.m.16 views

CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

4.9CVSS8.4AI score0.00439EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2015/06/15 3:59 p.m.30 views

CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

4.9CVSS7.2AI score0.00439EPSS
Exploits0References2
Prion
Prion
added 2015/06/15 3:59 p.m.21 views

Null pointer dereference

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

4.9CVSS6.5AI score0.00439EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2015/06/15 3:0 p.m.73 views

CVE-2015-4163

CVE-2015-4163 affects Xen 4.2–4.5 and stems from GNTTABOP_swap_grant_ref not checking the grant-table operation version, enabling a local guest to cause a denial of service via a NULL pointer dereference when a hypercall is issued without GNTTABOP_setup_table or GNTTABOP_set_version. Impact is li...

4.9CVSS6.2AI score0.00439EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2015/06/15 3:0 p.m.28 views

CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

6.4AI score0.00439EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/06/15 12:0 a.m.45 views

Debian DSA-3286-1 : xen - security update

Multiple security issues have been found in the Xen virtualisation solution : - CVE-2015-3209 Matt Tait discovered a flaw in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card...

7.8CVSS8AI score0.09668EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2015/06/15 12:0 a.m.38 views

SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:1045-1)

Xen was updated to fix seven security vulnerabilities : CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu. XSA-128, bnc931625 CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests. XSA-129, bnc931626 CVE-2015-4105: Guest triggerable qemu MSI-X...

7.8CVSS7.7AI score0.09668EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1042-1)

Xen was updated to fix seven security issues and one non-security bug. The following vulnerabilities were fixed : - CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 bnc931625 - CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests XSA-129...

7.8CVSS7.7AI score0.09668EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2015/06/12 12:0 a.m.30 views

Citrix XenServer Multiple Security Updates (CTX201145)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...

7.8CVSS7.8AI score0.03427EPSS
Exploits0References1
Xen Project
Xen Project
added 2015/06/11 12:0 p.m.47 views

GNTTABOP_swap_grant_ref operation misbehavior

ISSUE DESCRIPTION With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest issued...

4.9CVSS8.8AI score0.00439EPSS
Exploits0Affected Software1
NVD
NVD
added 2012/11/23 8:55 p.m.22 views

CVE-2012-3516

The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...

6.9CVSS6.7AI score0.00356EPSS
Exploits0References7
Cvelist
Cvelist
added 2012/11/23 8:0 p.m.25 views

CVE-2012-3516

The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...

6.6AI score0.00356EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2012/11/23 8:0 p.m.27 views

CVE-2012-3516

The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...

6.9CVSS6.9AI score0.00356EPSS
Exploits0
CVE
CVE
added 2012/11/23 8:0 p.m.58 views

CVE-2012-3516

CVE-2012-3516 affects Xen 4.2 and Citrix XenServer 6.0.2 via the GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall. A crafted grant reference can be used by local guest kernels or administrators to cause a host crash (DoS) and potentially gain privileges by triggering a write to ...

6.9CVSS6.8AI score0.00356EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder