CVE-2015-5166

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice...

CVE-2014-7155

The x86emulate function in arch/x86/x86emulate/x86emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service guest crash or gain guest kernel mode privileges via vectors involving an 1 HLT, 2 LGDT, 3 LIDT, or 4...