84 matches found
Xen unspecified domctl operation denial of service vulnerability
Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A security vulnerability exists in Xen when using toolstack decomposition. A denial-of-service attack is allowed on a remote domain under partial administrative control via an...
DEBIAN-CVE-2015-2751
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...
CVE-2015-2751
CVE-2015-2751 affects Xen hypervisor (versions 4.3.x–4.5.x) when using toolstack disaggregation. It allows remote domains with partial management control to lock up the host via unspecified domctl operations, causing a Denial of Service. The linked advisories indicate the issue is addressed in Xe...
CVE-2015-2751
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...
CVE-2015-2751
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...
Certain domctl operations may be abused to lock up the host
ISSUE DESCRIPTION XSA-77 put the majority of the domctl operations on a list excepting them from having security advisories issued for them if any effects their use might have could hamper security. Subsequently some of them got declared disaggregation safe, but for a small subset this was not...
xen-kernel -- Certain domctl operations may be abused to lock up the host
The Xen Project reports: XSA-77 put the majority of the domctl operations on a list excepting them from having security advisories issued for them if any effects their use might have could hamper security. Subsequently some of them got declared disaggregation safe, but for a small subset this was...
xen-tools -- HVM qemu unexpectedly enabling emulated VGA graphics backends
The Xen Project reports: When instantiating an emulated VGA device for an x86 HVM guest qemu will by default enable a backend to expose that device, either SDL or VNC depending on the version of qemu and the build time configuration. The libxl toolstack library does not explicitly disable these...
HVM qemu unexpectedly enabling emulated VGA graphics backends
ISSUE DESCRIPTION When instantiating an emulated VGA device for an x86 HVM guest qemu will by default enable a backend to expose that device, either SDL or VNC depending on the version of qemu and the build time configuration. The libxl toolstack library does not explicitly disable these default...
DEBIAN-CVE-2014-1950
Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...
Design/Logic Flaw
Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...
CVE-2014-1950
Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...
ocaml xenstored mishandles oversized message replies
ISSUE DESCRIPTION The Ocaml xenstored implementation "oxenstored" cannot correctly handle a message reply larger than XENSTOREPAYLOADSIZE when communicating with a client domain via the shared ring mechanism. When this situation occurs the connection to the client domain will be shutdown and cann...
CVE-2013-4371
Use-after-free vulnerability in the libxllistcpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service heap corruption and crash...
possible null dereference when parsing vif ratelimiting info
ISSUE DESCRIPTION The libxlu library function xluvifparserate does not properly handle inputs which consist solely of the '@' character, leading to a NULL pointer dereference. IMPACT A toolstack which allows untrusted users to specify an arbitrary configuration for the VIF rate can be subjected t...
use-after-free in libxl_list_cpupool under memory pressure
ISSUE DESCRIPTION If realloc3 fails then libxllistcpupool will incorrectly return the now-free original pointer. IMPACT An attacker may be able to cause a multithreaded toolstack using this function to race against itself leading to heap corruption and a potential DoS. Depending on the malloc...
CVE-2013-2072
Buffer overflow in the Python bindings for the xcvcpusetaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service memory corruption and xend toolstack crash and possibly gain privileges via a crafted cpumap...
Buffer overflow
Buffer overflow in the Python bindings for the xcvcpusetaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service memory corruption and xend toolstack crash and possibly gain privileges via a crafted cpumap...
CVE-2013-2072
Buffer overflow in the Python bindings for the xcvcpusetaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service memory corruption and xend toolstack crash and possibly gain privileges via a crafted cpumap...
CVE-2013-2072
Buffer overflow in the Python bindings for the xcvcpusetaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service memory corruption and xend toolstack crash and possibly gain privileges via a crafted cpumap...