2 matches found
Xen 'arch_do_domctl()' Information Disclosure Vulnerability
Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. An information disclosure vulnerability exists in the 'archdodomctl' function when Xen handles the XENDOMCTLgettscinfo operation, which could be exploited by a local attacker to...
DEBIAN-CVE-2012-3495
The physdevgetfreepirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the getfreepirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service invali...