Xen

Xen

476 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2015-5166

  • EPSS 0.07%
  • Published 12.08.2015 14:59:25
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.

9.3

CVE-2015-5165

  • EPSS 10.86%
  • Published 12.08.2015 14:59:24
  • Last modified 12.04.2025 10:46:40

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

7.2

CVE-2015-5154

  • EPSS 0.2%
  • Published 12.08.2015 14:59:23
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

6.8

CVE-2015-3259

  • EPSS 0.06%
  • Published 16.07.2015 14:59:01
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.

4.9

CVE-2015-4164

  • EPSS 0.07%
  • Published 15.06.2015 15:59:13
  • Last modified 12.04.2025 10:46:40

The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.

4.9

CVE-2015-4163

  • EPSS 0.1%
  • Published 15.06.2015 15:59:12
  • Last modified 12.04.2025 10:46:40

GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_v...

4.9

CVE-2015-4105

  • EPSS 0.12%
  • Published 03.06.2015 20:59:08
  • Last modified 12.04.2025 10:46:40

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.

7.8

CVE-2015-4104

  • EPSS 8.43%
  • Published 03.06.2015 20:59:07
  • Last modified 12.04.2025 10:46:40

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.

4.9

CVE-2015-4103

  • EPSS 0.12%
  • Published 03.06.2015 20:59:06
  • Last modified 12.04.2025 10:46:40

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and acces...

7.7

CVE-2015-3456

  • EPSS 33.91%
  • Published 13.05.2015 18:59:00
  • Last modified 12.04.2025 10:46:40

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_...