Xen Security Vulnerabilities and Issues — Xen CVE List

CitrixXen

9 matches found

CVE•added 2010/12/08 7:0 p.m.•89 views

CVE-2010-3699

CVE-2010-3699 concerns the Xen 3.x backend driver. The vulnerability allows a guest OS user to trigger a denial of service via a kernel thread leak, which can prevent the device and guest OS from being shut down or create a zombie domain, and may cause a hang in zenwatch or disrupt some xm comman...

2.7CVSS7.3AI score0.00507EPSS

CVE•added 2011/08/12 6:0 p.m.•85 views

CVE-2011-1898

CVE-2011-1898 affects Xen (versions 4.1 before 4.1.1 and 4.0 before 4.0.2). When using PCI passthrough on Intel VT-d chipsets that lack interrupt remapping, a guest OS user can gain host OS privileges by using DMA to generate MSI interrupts via the interrupt injection registers. The provided docu...

7.4CVSS6.7AI score0.00617EPSS

CVE•added 2011/01/11 1:0 a.m.•81 views

CVE-2010-4247

CVE-2010-4247 is a Xen/blkback-blktap DoS vulnerability affecting Xen on Linux kernel 2.6.18 and similar versions, where do_block_io_op can loop indefinitely due to a large production request index in the blkback or blktap back-end drivers, causing CPU exhaustion. Public documents in the Oracle L...

5.5CVSS7.4AI score0.00615EPSS

CVE•added 2011/08/12 6:0 p.m.•72 views

CVE-2011-1583

CVE-2011-1583 affects Xen up to 4.1 (and 3.x), where multiple integer overflows in xc_dom_bzimageloader.c during decompress/load of a paravirtualised guest kernel image allow a local user to cause a denial of service and potentially execute arbitrary code. The issue can trigger a buffer overflow ...

6.9CVSS7.4AI score0.00515EPSS

CVE•added 2011/08/19 8:0 p.m.•72 views

CVE-2011-3262

CVE-2011-3262 affects Xen hypervisor versions 3.2–4.1. It stems from lack of error checking in the decompression loop of the bzimage loader, allowing a local attacker to trigger a denial-of-service via infinite loop/resource consumption in management domain. Connected advisories confirm the same ...

2.1CVSS6AI score0.00096EPSS

CVE•added 2011/01/22 9:0 p.m.•68 views

CVE-2010-4238

CVE-2010-4238 affects the vbd_create hook in Xen 3.1.2 when running with Linux kernel 2.6.18 on RHEL5 (and related) environments, allowing guest OS users to trigger a host OS panic by attempting access to a virtual CD-ROM device through the blkback driver. The MiracleLinux AXSA advisory (which re...

5.5CVSS5.8AI score0.00395EPSS

CVE•added 2011/01/25 12:0 a.m.•53 views

CVE-2010-4255

CVE-2010-4255 affects Xen 4.0.1 and earlier on x86_64 PV; fixup_page_fault in arch/x86/traps.c may call handle_gdt_ldt_mapping_fault without verifying kernel mode, allowing a guest OS user to trigger host OS denial of service (BUG_ON). MiracleLinux/VMware/Linux advisories include this CVE among f...

6.1CVSS5.2AI score0.00819EPSS

CVE•added 2008/10/03 5:18 p.m.•49 views

CVE-2008-4405

CVE-2008-4405 affects Xen 3.0.3 (xend) where the /local/domain xenstore tree is not properly restricted, allowing a guest DomU to write to (console/tty, console/limit, image/device-model-pid) and potentially cause a denial of service with unspecified other impact. Multiple advisories (RHSA-2009:0...

7.2CVSS7.8AI score0.00894EPSS

CVE•added 2008/12/24 5:0 p.m.•44 views

CVE-2008-5716

Technical details for CVE-2008-5716 are not publicly available in the provided documents. The connected Nessus/OpenVAS entries reference CVE-2008-4405 and CVE-2008-4993 related to xenstore permissions, but do not provide specifics for CVE-2008-5716.

7.2CVSS6.7AI score0.00894EPSS