Lucene search
K

195 matches found

CVE
CVE
added 2017/07/05 1:0 a.m.94 views

CVE-2017-10915

This CVE refers to Xen shadow-paging: through Xen up to 4.8.x, incorrect reference counting in shadow paging leads to a race that can let a guest OS user gain Xen privileges (XSA-219). The Debian DLA-1132 entry notes patching and fixes for related Xen issues, but does not specify exact patched ve...

9CVSS6.8AI score0.01669EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/07/05 1:0 a.m.21 views

CVE-2017-10915

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219...

9CVSS5.8AI score0.01669EPSS
Exploits0
CNVD
CNVD
added 2017/07/05 12:0 a.m.1 views

Xen shadow-paging feature elevation of privilege vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability in the Xen shadow-paging feature allows an attacker to exploit the vulnerability to elevate privileges...

9CVSS6.7AI score0.01669EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/09/29 12:0 a.m.50 views

Xen Multiple Vulnerabilities (XSA-186, XSA-187)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities : - A flaw exists due to improper handling of instruction pointer truncation when emulating HVM instructions. An attacker on the guest can exploit this to gain...

8.2CVSS6.6AI score0.00425EPSS
Exploits0References5
OSV
OSV
added 2016/09/21 2:25 p.m.5 views

CVE-2016-7094

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update...

4.1CVSS5.9AI score
Exploits0References8
OSV
OSV
added 2016/09/21 2:25 p.m.2 views

ALPINE-CVE-2016-7094

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update...

4.1CVSS6.5AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2016/09/21 2:25 p.m.3 views

DEBIAN-CVE-2016-7094

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update...

4.1CVSS8.2AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2016/09/21 2:25 p.m.4 views

UBUNTU-CVE-2016-7094

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update...

4.1CVSS6.7AI score0.00392EPSS
Exploits0References3
Prion
Prion
added 2016/09/21 2:25 p.m.26 views

Buffer overflow

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update...

1.5CVSS6.8AI score0.00392EPSS
Exploits0References8Affected Software1
Debian
Debian
added 2016/09/09 5:39 a.m.56 views

[SECURITY] [DSA 3663-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3663-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 09, 2016 https://www.debian.org/security/faq -...

8.2CVSS7.8AI score0.00502EPSS
Exploits0
OSV
OSV
added 2016/09/09 12:0 a.m.37 views

DSA-3663-1 xen - security update

Bulletin has no description...

8.2CVSS6.1AI score0.00502EPSS
Exploits0
Xen Project
Xen Project
added 2016/09/08 12:0 p.m.55 views

x86 HVM: Overflow of sh_ctxt->seg_reg[]

ISSUE DESCRIPTION x86 HVM guests running with shadow paging use a subset of the x86 emulator to handle the guest writing to its own pagetables. There are situations a guest can provoke which result in exceeding the space allocated for internal state. IMPACT A malicious HVM guest administrator can...

4.1CVSS0.00392EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2016/09/08 12:0 a.m.31 views

xen-kernel -- x86 HVM: Overflow of sh_ctxt->seg_reg[]

The Xen Project reports: x86 HVM guests running with shadow paging use a subset of the x86 emulator to handle the guest writing to its own pagetables. There are situations a guest can provoke which result in exceeding the space allocated for internal state. A malicious HVM guest administrator can...

4.1CVSS6.8AI score0.00392EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/28 12:0 a.m.6 views

Xen 'paging_invlpg' function denial of service vulnerability

Xen is an open source virtual machine monitor product developed by the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in t...

6.3CVSS8.2AI score0.01277EPSS
Exploits0References1
OSV
OSV
added 2016/01/22 3:59 p.m.4 views

DEBIAN-CVE-2016-1571

The paginginvlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service host crash via a non-canonical guest address in an INVVPID instruction, which triggers a...

6.3CVSS8.2AI score0.01277EPSS
Exploits0References1
Rows per page
Query Builder