Xen

Xen

476 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2019-18424

  • EPSS 0.12%
  • Veröffentlicht 31.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:33:14

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after...

9.8

CVE-2019-18425

  • EPSS 4.87%
  • Veröffentlicht 31.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:33:14

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest ope...

8.8

CVE-2019-18423

  • EPSS 5.45%
  • Veröffentlicht 31.10.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:14

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity c...

6.5

CVE-2019-18420

  • EPSS 4.25%
  • Veröffentlicht 31.10.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:33:13

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret it...

7.5

CVE-2019-18421

  • EPSS 1.96%
  • Veröffentlicht 31.10.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:33:13

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoi...

8.8

CVE-2019-18422

  • EPSS 3.77%
  • Veröffentlicht 31.10.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:33:14

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an excep...

5.5

CVE-2019-17349

  • EPSS 0.14%
  • Veröffentlicht 08.10.2019 01:15:11
  • Zuletzt bearbeitet 21.11.2024 04:32:08

An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.

8.8

CVE-2019-17340

  • EPSS 0.08%
  • Veröffentlicht 08.10.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:07

An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.

7.8

CVE-2019-17341

  • EPSS 0.11%
  • Veröffentlicht 08.10.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:07

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device.

7

CVE-2019-17342

  • EPSS 0.12%
  • Veröffentlicht 08.10.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:07

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced.