Xen

Xen

476 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.9

CVE-2013-0154

  • EPSS 0.07%
  • Published 12.01.2013 04:33:49
  • Last modified 11.04.2025 00:51:21

The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall.

4.7

CVE-2012-5514

  • EPSS 0.07%
  • Published 13.12.2012 11:53:49
  • Last modified 11.04.2025 00:51:21

The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vect...

4.7

CVE-2012-5515

  • EPSS 0.14%
  • Published 13.12.2012 11:53:49
  • Last modified 11.04.2025 00:51:21

The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.

4.7

CVE-2012-5525

  • EPSS 6.89%
  • Published 13.12.2012 11:53:49
  • Last modified 11.04.2025 00:51:21

The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.

4.7

CVE-2012-6333

  • EPSS 0.07%
  • Published 13.12.2012 11:53:49
  • Last modified 11.04.2025 00:51:21

Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.

4.7

CVE-2012-5510

  • EPSS 0.09%
  • Published 13.12.2012 11:53:48
  • Last modified 11.04.2025 00:51:21

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vecto...

4.7

CVE-2012-5511

  • EPSS 0.09%
  • Published 13.12.2012 11:53:48
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.

6.9

CVE-2012-5513

  • EPSS 0.14%
  • Published 13.12.2012 11:53:48
  • Last modified 11.04.2025 00:51:21

The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memor...

4.6

CVE-2011-3131

Exploit
  • EPSS 0.05%
  • Published 13.12.2012 11:53:33
  • Last modified 11.04.2025 00:51:21

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.

1.9

CVE-2012-0218

  • EPSS 0.07%
  • Published 03.12.2012 21:55:01
  • Last modified 11.04.2025 00:51:21

Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cau...