Xen@4.1.2 Security Vulnerabilities and Issues — Xen@4.1.2 CVE List

Lucene search

XenXen4.1.2

18 matches found

CVE•added 2015/03/12 2:59 p.m.•173 views

CVE-2015-2150

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device ...

4.9CVSS5.1AI score0.00109EPSS

CVE•added 2015/03/12 2:59 p.m.•101 views

CVE-2015-2151

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

7.2CVSS7.2AI score0.00233EPSS

CVE•added 2015/06/03 8:59 p.m.•83 views

CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.

4.9CVSS6.8AI score0.00121EPSS

CVE•added 2015/10/30 3:59 p.m.•77 views

CVE-2015-7969

Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the...

4.9CVSS6.1AI score0.00093EPSS

CVE•added 2015/12/17 7:59 p.m.•77 views

CVE-2015-8340

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling.

4.7CVSS8.1AI score0.00073EPSS

CVE•added 2015/03/12 2:59 p.m.•76 views

CVE-2015-2044

The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.

2.1CVSS4.8AI score0.00082EPSS

CVE•added 2015/06/03 8:59 p.m.•76 views

CVE-2015-4103

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.

4.9CVSS6.8AI score0.00121EPSS

CVE•added 2015/06/03 8:59 p.m.•76 views

CVE-2015-4104

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.

7.8CVSS6.7AI score0.08429EPSS

CVE•added 2015/10/01 8:59 p.m.•76 views

CVE-2015-7311

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.

3.6CVSS6.9AI score0.00067EPSS

CVE•added 2015/10/30 3:59 p.m.•73 views

CVE-2015-7835

The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.

7.2CVSS5.8AI score0.00122EPSS

CVE•added 2015/10/30 3:59 p.m.•73 views

CVE-2015-7971

Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op...

2.1CVSS6.1AI score0.00089EPSS

CVE•added 2015/12/17 7:59 p.m.•71 views

CVE-2015-8339

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.

4.7CVSS8AI score0.00097EPSS

CVE•added 2015/06/15 3:59 p.m.•69 views

CVE-2015-4164

The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.

4.9CVSS5.4AI score0.00074EPSS

CVE•added 2015/10/30 3:59 p.m.•68 views

CVE-2015-7972

The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of...

2.1CVSS6.6AI score0.00092EPSS

CVE•added 2015/12/17 7:59 p.m.•66 views

CVE-2015-8341

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.

7.8CVSS8.1AI score0.00731EPSS

CVE•added 2015/03/12 2:59 p.m.•65 views

CVE-2015-2045

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

2.1CVSS4.6AI score0.00076EPSS

CVE•added 2015/07/16 2:59 p.m.•65 views

CVE-2015-3259

Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.

6.8CVSS7.4AI score0.00056EPSS

CVE•added 2015/02/09 11:59 a.m.•52 views

CVE-2015-1563

The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.

2.1CVSS7.9AI score0.00076EPSS