14 matches found
EUVD-2012-3450
Malware in sbrugna...
Citrix XenServer Multiple Security Updates (CTX223291)
A number of security issues have been identified within Citrix XenServer. These issues could, if exploited, allow a malicious administrator of a PV guest VM to compromise the host. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...
Citrix XenServer Multiple Security Updates (CTX201145)
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...
CVE-2012-3516
The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...
DEBIAN-CVE-2012-3498
PHYSDEVOPmappirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service host crash and possibly read hypervisor or guest memory via vectors related to a missing range check of map-index...
Memory corruption
The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...
Design/Logic Flaw
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
CVE-2012-3495
The physdevgetfreepirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the getfreepirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service invali...
CVE-2012-3496
XENMEMpopulatephysmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service BUG triggered and host crash via invalid flags such as MEMFpopulateondemand...
CVE-2012-3516
The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...
CVE-2012-3498
CVE-2012-3498 affects Xen 4.1/4.2 and Citrix XenServer 6.0.2 and earlier. The vulnerability (PHYSDEVOP_map_pirq index) arises from a missing range check on map->index, enabling a local HVM guest to crash the host and potentially read hypervisor/guest memory. Impact per sources: Denial of Servi...
CVE-2012-3516
The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...
CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
CVE-2012-3516
The GNTTABOPswapgrantref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service host crash and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperviso...