Xen

Xen

476 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2018-10472

  • EPSS 0.09%
  • Veröffentlicht 27.04.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:22

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...

6.5

CVE-2018-7540

  • EPSS 0.09%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

8.8

CVE-2018-7541

  • EPSS 0.09%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.

6.5

CVE-2018-7542

  • EPSS 0.05%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

6.5

CVE-2018-5244

  • EPSS 0.06%
  • Veröffentlicht 05.01.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:24

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of servic...

7.8

CVE-2017-17563

  • EPSS 0.06%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.

7.8

CVE-2017-17564

  • EPSS 0.06%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.

5.6

CVE-2017-17565

  • EPSS 0.07%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

7.8

CVE-2017-17566

  • EPSS 0.11%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

6.5

CVE-2017-17044

  • EPSS 0.05%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.