Xen

Xen

479 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2017-17565

  • EPSS 0.07%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

7.8

CVE-2017-17566

  • EPSS 0.11%
  • Veröffentlicht 12.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

6.5

CVE-2017-17044

  • EPSS 0.05%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.

8.8

CVE-2017-17045

  • EPSS 0.07%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) P...

6.5

CVE-2017-17046

  • EPSS 0.06%
  • Veröffentlicht 28.11.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled.

9.1

CVE-2017-15597

  • EPSS 1.35%
  • Veröffentlicht 30.10.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy ...

7.8

CVE-2017-15588

  • EPSS 0.08%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.

6.5

CVE-2017-15589

  • EPSS 0.09%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack ...

8.8

CVE-2017-15590

  • EPSS 0.07%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

6.5

CVE-2017-15591

  • EPSS 0.05%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unma...