Xen

Xen

476 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-58144

  • EPSS 0.06%
  • Published 11.09.2025 14:05:36
  • Last modified 24.09.2025 13:55:39

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, w...

7.5

CVE-2025-58145

  • EPSS 0.05%
  • Published 11.09.2025 14:05:36
  • Last modified 24.09.2025 13:50:15

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, w...

9.8

CVE-2025-27466

  • EPSS 0.06%
  • Published 11.09.2025 14:05:29
  • Last modified 22.09.2025 18:53:35

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL ...

9.8

CVE-2025-58142

  • EPSS 0.06%
  • Published 11.09.2025 14:05:29
  • Last modified 24.09.2025 14:04:32

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL ...

9.8

CVE-2025-58143

  • EPSS 0.05%
  • Published 11.09.2025 14:05:29
  • Last modified 24.09.2025 13:59:09

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL ...

7.5

CVE-2025-1713

  • EPSS 0.05%
  • Published 17.07.2025 13:59:46
  • Last modified 17.07.2025 21:15:50

When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This...

4.3

CVE-2025-27465

  • EPSS 0.06%
  • Published 16.07.2025 09:15:23
  • Last modified 17.07.2025 15:15:25

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replay...

3.8

CVE-2024-31144

  • EPSS 0.03%
  • Published 14.02.2025 21:15:15
  • Last modified 26.04.2025 20:15:31

For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The meta...

4.7

CVE-2024-2201

  • EPSS 0.03%
  • Published 19.12.2024 21:15:08
  • Last modified 09.01.2025 17:15:12

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

6.5

CVE-2024-45818

  • EPSS 0.06%
  • Published 19.12.2024 12:15:16
  • Last modified 20.05.2025 16:28:07

The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it...