EUVD-2015-8225

Malware in sbrugna...

The vulnerability of Xen hypervisors, related to the lack of memory release after the effective lifespan, allows a malicious actor to gain access to confidential information.

The vulnerability of Xen hypervisors is related to data leaks in the libxl library, as well as the lack of memory release after the effective lifespan of the components. Exploiting this vulnerability can allow an attacker to access confidential information...

SUSE CVE-2013-4329

The xenlight library libxl in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction...

SUSE CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

DEBIAN-CVE-2015-7972

The 1 libxlsetmemorytarget function in tools/libxl/libxl.c and 2 libxlbuildpost function in tools/libxl/libxldom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand PoD system, which allows local HVM guest users to cause a denial of service...