EUVD-2016-10187

Malware in sbrugna...

Buffer Overflow

xen has buffer overflow. The vulnerability exists due to the system allowing access to a discontinuous range...

CVE-2016-4480

The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...

CVE-2016-2270

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service host reboot via vectors related to multiple mappings of MMIO pages with different cachability settings...

CVE-2014-3124

The HVMOPsetmemtype control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service hypervisor crash or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types...

CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...