40 matches found
EUVD-2015-8492
Malware in sbrugna...
Information disclosure
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
CVE-2017-12136
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service free list corruption and host crash or gain privileges on the host via vectors involving maptrack free list handling...
CVE-2017-12136
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service free list corruption and host crash or gain privileges on the host via vectors involving maptrack free list handling...
CVE-2017-12855
Xen maintains the GTFread,writing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the...
Xen memory corruption vulnerability (CNVD-2017-06936)
Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A memory corruption vulnerability...
Null pointer dereference
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...
CVE-2016-10025
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...
CVE-2016-10025
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...
CVE-2016-5242
The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service resource consumption or management facility confusion or gain host OS privileges by manipulating information in guest controlled areas of xenstore...
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service resource consumption or management facility confusion or gain host OS privileges by manipulating information in guest controlled areas of xenstore...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
Buffer overflow
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...
CVE-2015-8554
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...
CVE-2015-8554
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...
CVE-2015-8554
CVE-2015-8554 describes a buffer overflow in Xen’s MSI-X handling: in hw/pt-msi.c for Xen 4.6.x and earlier when using the qemu-xen-traditional (qemu-dm) device model. The issue enables local x86 HVM guest administrators, with access to a passed-through MSI-X capable PCI device and MSI-X table en...
CVE-2015-8554
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional aka qemu-dm device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries,...