Xen

Xen

476 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-12136

  • EPSS 0.05%
  • Published 24.08.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling...

8.8

CVE-2017-12137

  • EPSS 0.1%
  • Published 24.08.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.

6.5

CVE-2017-12855

  • EPSS 0.09%
  • Published 15.08.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in...

10

CVE-2017-10912

  • EPSS 1.67%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.

9.8

CVE-2017-10913

  • EPSS 1.2%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.

8.1

CVE-2017-10914

  • EPSS 0.6%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.

9

CVE-2017-10915

  • EPSS 0.49%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.

7.5

CVE-2017-10916

  • EPSS 0.39%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, a...

9.4

CVE-2017-10917

  • EPSS 0.84%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.

10

CVE-2017-10918

  • EPSS 1.67%
  • Published 05.07.2017 01:29:00
  • Last modified 20.04.2025 01:37:25

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.