Filtered by vendor Xen
Subscribe
Total
470 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3714 | 1 Xen | 1 Xen | 2025-04-12 | 3.3 LOW | N/A |
| The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow. | |||||
| CVE-2014-5148 | 1 Xen | 1 Xen | 2025-04-12 | 4.6 MEDIUM | N/A |
| Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process. | |||||
| CVE-2014-3969 | 1 Xen | 1 Xen | 2025-04-12 | 7.4 HIGH | N/A |
| Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors. | |||||
| CVE-2014-2580 | 1 Xen | 1 Xen | 2025-04-12 | 4.4 MEDIUM | N/A |
| The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface. | |||||
| CVE-2014-3716 | 1 Xen | 1 Xen | 2025-04-12 | 1.9 LOW | N/A |
| Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel. | |||||
| CVE-2014-2915 | 1 Xen | 1 Xen | 2025-04-12 | 5.5 MEDIUM | N/A |
| Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers. | |||||
| CVE-2014-4022 | 1 Xen | 1 Xen | 2025-04-12 | 2.7 LOW | N/A |
| The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall. | |||||
| CVE-2015-8555 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-12 | 5.0 MEDIUM | 8.6 HIGH |
| Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors. | |||||
| CVE-2015-2150 | 3 Linux, Ubuntu, Xen | 3 Linux Kernel, Ubuntu, Xen | 2025-04-12 | 4.9 MEDIUM | N/A |
| Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. | |||||
| CVE-2015-7971 | 1 Xen | 1 Xen | 2025-04-12 | 2.1 LOW | N/A |
| Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c. | |||||
| CVE-2015-7972 | 1 Xen | 1 Xen | 2025-04-12 | 2.1 LOW | N/A |
| The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure." | |||||
| CVE-2015-7812 | 1 Xen | 1 Xen | 2025-04-12 | 4.9 MEDIUM | N/A |
| The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface. | |||||
| CVE-2015-4105 | 1 Xen | 1 Xen | 2025-04-12 | 4.9 MEDIUM | N/A |
| Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. | |||||
| CVE-2014-3125 | 1 Xen | 1 Xen | 2025-04-12 | 6.2 MEDIUM | N/A |
| Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2012-5515 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. | |||||
| CVE-2013-1918 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." | |||||
| CVE-2012-2625 | 1 Xen | 2 Xen, Xen-unstable | 2025-04-11 | 2.7 LOW | N/A |
| The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. | |||||
| CVE-2013-4553 | 1 Xen | 1 Xen | 2025-04-11 | 5.2 MEDIUM | N/A |
| The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock). | |||||
| CVE-2013-2077 | 1 Xen | 1 Xen | 2025-04-11 | 5.2 MEDIUM | N/A |
| Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors. | |||||
| CVE-2012-6035 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | |||||