Xen

Xen

483 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-7542

  • EPSS 0.05%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

6.5

CVE-2018-5244

  • EPSS 0.06%
  • Veröffentlicht 05.01.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:24

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of servic...

7.8

CVE-2017-17563

  • EPSS 0.06%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.

7.8

CVE-2017-17564

  • EPSS 0.06%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.

5.6

CVE-2017-17565

  • EPSS 0.07%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

7.8

CVE-2017-17566

  • EPSS 0.11%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

6.5

CVE-2017-17044

  • EPSS 0.05%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.

8.8

CVE-2017-17045

  • EPSS 0.07%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) P...

6.5

CVE-2017-17046

  • EPSS 0.06%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled.

9.1

CVE-2017-15597

  • EPSS 1.35%
  • Veröffentlicht 30.10.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy ...