SUSE CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

SUSE CVE-2017-7228

An issue known as XSA-212 was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arra...

SUSE CVE-2017-8903

Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213...

SUSE CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

SUSE CVE-2017-10919

Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-223...

SUSE CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...

SUSE CVE-2017-12137

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to mapgrantref...

SUSE CVE-2017-15590

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...

SUSE CVE-2017-15589

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...

SUSE CVE-2017-15592

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests...

SUSE CVE-2017-15596

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service prevent physical CPU usage because of lock mishandling upon detection of an add-to-physmap error...

SUSE CVE-2017-1000252

The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via an out-of bounds guestirq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c...

SUSE CVE-2018-1087

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

SUSE CVE-2018-7542

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service NULL pointer dereference and hypervisor crash by leveraging the mishandling of configurations that lack a Local APIC...

SUSE CVE-2018-10472

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...

SUSE CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

SUSE CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

SUSE CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usage and system crash. Within Xen...

SUSE CVE-2018-15469

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG...

SUSE CVE-2018-18021

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control with full register control. An attacker ca...